CVE-2023-53661
N/A
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
bnxt: avoid overflow in bnxt_get_nvram_directory()
The value of an arithmetic expression is subject of possible overflow due to a failure to cast operands to a larger data type before performing arithmetic. Used macro for multiplication instead operator for avoiding overflow.
Found by Security Code and Linux Verification Center (linuxtesting.org) with SVACE.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | c0c050c58d840994ba842ad1c338a98e7c12b764 < d5eaf2a6b077f32a477feb1e9e1c1f60605b460e | affected |
| Linux | Linux | c0c050c58d840994ba842ad1c338a98e7c12b764 < efb1a257513438d43f4335f09b2f684e8167cad2 | affected |
| Linux | Linux | c0c050c58d840994ba842ad1c338a98e7c12b764 < 17e0453a7523ad7a25bb47af941b150a6c66d7b6 | affected |
| Linux | Linux | c0c050c58d840994ba842ad1c338a98e7c12b764 < 7c6dddc239abe660598c49ec95ea0ed6399a4b2a | affected |
| Linux | Linux | 4.4 | affected |
| Linux | Linux | 0 < 4.4 | unaffected |
| Linux | Linux | 5.15.113 <= 5.15.* | unaffected |
| Linux | Linux | 6.1.30 <= 6.1.* | unaffected |
| Linux | Linux | 6.3.4 <= 6.3.* | unaffected |
| Linux | Linux | 6.4 <= * | unaffected |
Weaknesses
References
- https://git.kernel.org/stable/c/d5eaf2a6b077f32a477feb1e9e1c1f60605b460e
- https://git.kernel.org/stable/c/efb1a257513438d43f4335f09b2f684e8167cad2
- https://git.kernel.org/stable/c/17e0453a7523ad7a25bb47af941b150a6c66d7b6
- https://git.kernel.org/stable/c/7c6dddc239abe660598c49ec95ea0ed6399a4b2a
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.