CVE-2023-53657

Summary

In the Linux kernel, the following vulnerability has been resolved:

ice: Don't tx before switchdev is fully configured

There is possibility that ice_eswitch_port_start_xmit might be called while some resources are still not allocated which might cause NULL pointer dereference. Fix this by checking if switchdev configuration was finished.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxf5396b8a663f7a78ee5b75a47ee524b40795b265 < 5760a72b3060150b587eff3e879648c7470efdddaffected
LinuxLinuxf5396b8a663f7a78ee5b75a47ee524b40795b265 < 63ff5a94649837d980e3b9ef535c793ec8cb0ca7affected
LinuxLinuxf5396b8a663f7a78ee5b75a47ee524b40795b265 < 7aa529a69e92b9aff585e569d5003f7c15d8d60baffected
LinuxLinux5.16affected
LinuxLinux0 < 5.16unaffected
LinuxLinux6.1.55 <= 6.1.*unaffected
LinuxLinux6.5.5 <= 6.5.*unaffected
LinuxLinux6.6 <= *unaffected

Weaknesses

References