CVE-2023-54129

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> octeontx2-af: Add validation for lmac type<br /> <br /> Upon physical link change, firmware reports to the kernel about the<br /> change along with the details like speed, lmac_type_id, etc.<br /> Kernel derives lmac_type based on lmac_type_id received from firmware.<br /> <br /> In a few scenarios, firmware returns an invalid lmac_type_id, which<br /> is resulting in below kernel panic. This patch adds the missing<br /> validation of the lmac_type_id field.<br /> <br /> Internal error: Oops: 96000005 [#1] PREEMPT SMP<br /> [ 35.321595] Modules linked in:<br /> [ 35.328982] CPU: 0 PID: 31 Comm: kworker/0:1 Not tainted<br /> 5.4.210-g2e3169d8e1bc-dirty #17<br /> [ 35.337014] Hardware name: Marvell CN103XX board (DT)<br /> [ 35.344297] Workqueue: events work_for_cpu_fn<br /> [ 35.352730] pstate: 40400089 (nZcv daIf +PAN -UAO)<br /> [ 35.360267] pc : strncpy+0x10/0x30<br /> [ 35.366595] lr : cgx_link_change_handler+0x90/0x180