Bug 2402189 (CVE-2023-53654)
| Summary: | CVE-2023-53654 kernel: octeontx2-af: Add validation before accessing cgx and lmac | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | OSIDB Bzimport <bzimport> |
| Component: | vulnerability | Assignee: | Product Security DevOps Team <prodsec-dev> |
| Status: | NEW --- | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | unspecified | Keywords: | Security |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | --- | |
| Doc Text: |
A bounds-checking error was found in the Linux kernel Marvell OcteonTX2 network driver's initialization code. On systems with newer CN10K RPM or CN10KB RPM_USX hardware, a local user with privileges to initialize the driver can trigger driver probe, causing the driver to make incorrect assumptions about hardware topology and access Coherent Global Interconnect eXchange blocks and Logical MAC interfaces using invalid array indices, which leads to out-of-bounds memory access and denial of service through kernel panic.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | Type: | --- | |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
OSIDB Bzimport
2025-10-07 16:01:41 UTC
|