Lucene search
416baaa9-dc9f-4396-8d5f-8c081fb06d67CVE-2023-52626HistoryMar 26, 2024 - 6:15 p.m.
CVE-2023-52626
2024-03-2618:15:09
416baaa9-dc9f-4396-8d5f-8c081fb06d67
web.nvd.nist.gov
61
linux kernel
vulnerability
cve-2023-52626
resolved
net/mlx5e
timestamping
napi_poll
out-of-bound read
In the Linux kernel, the following vulnerability has been resolved:
net/mlx5e: Fix operation precedence bug in port timestamping napi_poll context
Indirection (*) is of lower precedence than postfix increment (++). Logic
in napi_poll context would cause an out-of-bound read by first increment
the pointer address by byte address space and then dereference the value.
Rather, the intended logic was to dereference first and then increment the
underlying value.
Affected configurations
Node
linuxlinux_kernelRange6.7–6.6.15
ORlinuxlinux_kernelRange6.7.0–6.7.3
ORlinuxlinux_kernelRange6.8.0≥
| Vendor | Product | Version | CPE |
|---|---|---|---|
| linux | linux_kernel | * | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| linux | linux_kernel | * | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
| linux | linux_kernel | * | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "unaffected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"drivers/net/ethernet/mellanox/mlx5/core/en/ptp.c"
],
"versions": [
{
"version": "e5d30f7da357",
"lessThan": "40e0d0746390",
"status": "affected",
"versionType": "git"
},
{
"version": "92214be5979c",
"lessThan": "33cdeae8c6fb",
"status": "affected",
"versionType": "git"
},
{
"version": "92214be5979c",
"lessThan": "3876638b2c7e",
"status": "affected",
"versionType": "git"
}
]
},
{
"product": "Linux",
"vendor": "Linux",
"defaultStatus": "affected",
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"programFiles": [
"drivers/net/ethernet/mellanox/mlx5/core/en/ptp.c"
],
"versions": [
{
"version": "6.7",
"status": "affected"
},
{
"version": "0",
"lessThan": "6.7",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.6.15",
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.7.3",
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"versionType": "custom"
},
{
"version": "6.8",
"lessThanOrEqual": "*",
"status": "unaffected",
"versionType": "original_commit_for_fix"
}
]
}
]Related
debiancve
debiancve
CVE-2023-52626
2024-03-26 18:15:09
cvelist
cvelist
nvd
nvd
CVE-2023-52626
2024-03-26 18:15:09
redhatcve
redhatcve
CVE-2023-52626
2024-03-26 22:00:01
ubuntucve
ubuntucve
CVE-2023-52626
2024-03-26 00:00:00
osv
osv
linux-oem-6.5 vulnerabilities
2024-05-07 15:22:10
linux-nvidia-6.5 vulnerabilities
2024-06-14 15:59:05
linux-laptop vulnerabilities
2024-06-10 16:09:36
ubuntu
ubuntu
Linux kernel (OEM) vulnerabilities
2024-05-07 00:00:00
Linux kernel vulnerabilities
2024-06-07 00:00:00
Linux kernel (HWE) vulnerabilities
2024-06-18 00:00:00
nessus
nessus
Ubuntu 22.04 LTS : Linux kernel (OEM) vulnerabilities (USN-6765-1)
2024-05-07 00:00:00
Ubuntu 22.04 LTS : Linux kernel (Oracle) vulnerabilities (USN-6819-4)
2024-06-26 00:00:00
Ubuntu 23.10 : Linux kernel vulnerabilities (USN-6819-2)
2024-06-11 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-6765-1)
2024-05-08 00:00:00
Ubuntu: Security Advisory (USN-6819-3)
2024-06-13 00:00:00
Ubuntu: Security Advisory (USN-6818-3)
2024-06-17 00:00:00