{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T16:22:35.672","vulnerabilities":[{"cve":{"id":"CVE-2023-53680","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2025-10-07T16:15:52.160","lastModified":"2026-02-26T23:09:39.050","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nNFSD: Avoid calling OPDESC() with ops->opnum == OP_ILLEGAL\n\nOPDESC() simply indexes into nfsd4_ops[] by the op's operation\nnumber, without range checking that value. It assumes callers are\ncareful to avoid calling it with an out-of-bounds opnum value.\n\nnfsd4_decode_compound() is not so careful, and can invoke OPDESC()\nwith opnum set to OP_ILLEGAL, which is 10044 -- well beyond the end\nof nfsd4_ops[]."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.14","versionEndExcluding":"5.10.220","matchCriteriaId":"DE4ACFB8-0C5D-4961-BEB5-F3178AF7C9FB"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.107","matchCriteriaId":"6BCC0C73-754E-4985-A087-F74888650709"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.24","matchCriteriaId":"E6EC432F-985F-450F-954E-7EAD42ADA1F8"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.2.11","matchCriteriaId":"93C03C9A-798F-4CD5-912F-A436BFA0CC7E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.3:rc1:*:*:*:*:*:*","matchCriteriaId":"B8E3B0E8-FA27-4305-87BB-AF6C25B160CB"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.3:rc2:*:*:*:*:*:*","matchCriteriaId":"A47F0FC3-CE52-4BA1-BA51-22F783938431"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.3:rc3:*:*:*:*:*:*","matchCriteriaId":"3583026A-27EC-4A4C-850A-83F2AF970673"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.3:rc4:*:*:*:*:*:*","matchCriteriaId":"DC271202-7570-4505-89A4-D602D47BFD00"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.3:rc5:*:*:*:*:*:*","matchCriteriaId":"D413BB6D-4F74-4C7D-9163-47786619EF53"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/50827896c365e0f6c8b55ed56d444dafd87c92c5","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/804d8e0a6e54427268790472781e03bc243f4ee3","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/a64160124d5a078be0c380b1e8a0bad2d040d3a1","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/f352c41fa718482979e7e6b71b4da2b718e381cc","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/ffcbcf087581ae68ddc0a21460f7ecd4315bdd0e","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}}]}