CVE-2023-53495

Sažetak

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mvpp2_main: fix possible OOB write in mvpp2_ethtool_get_rxnfc() rules is allocated in ethtool_get_rxnfc and the size is determined by rule_cnt from user space. So rule_cnt needs to be check before using rules to avoid OOB writing or NULL pointer dereference.

Reference

https://git.kernel.org/stable/c/349638f7e5d3c7d328565587bb7b0454bbee02e2
https://git.kernel.org/stable/c/51fe0a470543f345e3c62b6798929de3ddcedc1d
https://git.kernel.org/stable/c/5bb09dddc724c5f7c4dc6dd3bfebd685eecd93e8
https://git.kernel.org/stable/c/61054a8ddb176b155a8f2bacdfefb3727187f5d9
https://git.kernel.org/stable/c/625b70d31dd4df4b96b3ddcbe251debb33bd67f5
https://git.kernel.org/stable/c/ba6673824efa3dc198b04a54e69dce480066d7d9

CVSS

Base:	0.0
Impact:	None
Exploitability:	None

Pristup

Vektor	Složenost	Autentikacija
None	None	None

Impact

Povjerljivost	Cjelovitost	Dostupnost
None	None	None

CVSS vektor

None

Zadnje važnije ažuriranje

02-10-2025 - 19:12

Objavljeno

01-10-2025 - 12:15