CVE-2023-53648

low-risk

Published 2025-10-07

In the Linux kernel, the following vulnerability has been resolved: ALSA: ac97: Fix possible NULL dereference in snd_ac97_mixer smatch error: sound/pci/ac97/ac97_codec.c:2354 snd_ac97_mixer() error: we previously assumed 'rac97' could be null (see line 2072) remove redundant assignment, return error if rac97 is NULL.

Do I need to act?

0.03% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 5.5/10 Medium

LOCAL / LOW complexity

Affected Products (1)

Linux Kernel

Affected Vendors

Linux

References (9)

Patch https://git.kernel.org/stable/c/09baf460dfba79ee6a0c72e68ccdbbba84d894df

Patch https://git.kernel.org/stable/c/228da1fa124470606ac19783e551f9d51a1e01b0

Patch https://git.kernel.org/stable/c/300e26e3e64880de5013eac8831cf44387ef752c

Patch https://git.kernel.org/stable/c/5f13d67027fa782096e6aee0db5dce61c4aeb613

Patch https://git.kernel.org/stable/c/79597c8bf64ca99eab385115743131d260339da5

Patch https://git.kernel.org/stable/c/809af7bb4219bdeef0dbb8b2ed700d6516d13fe9

Patch https://git.kernel.org/stable/c/d28b83252e150155b8b8c65b612c555e93c8b45f

Patch https://git.kernel.org/stable/c/e4cccff1e7ab6ea30995b6fbbb007d02647e025c

Patch https://git.kernel.org/stable/c/f923a582217b198b557756809ffe42ac0fad6adb

/ 100

low-risk

Severity 18/34 · Moderate

Exploitability 0/34 · Minimal

Exposure 5/34 · Minimal