CVE-2023-53495
Gravedad:
Pendiente de análisis
Tipo:
No Disponible / Otro tipo
Fecha de publicación:
01/10/2025
Última modificación:
02/10/2025
Descripción
*** Pendiente de traducción *** In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
net: ethernet: mvpp2_main: fix possible OOB write in mvpp2_ethtool_get_rxnfc()<br />
<br />
rules is allocated in ethtool_get_rxnfc and the size is determined by<br />
rule_cnt from user space. So rule_cnt needs to be check before using<br />
rules to avoid OOB writing or NULL pointer dereference.
Impacto
Referencias a soluciones, herramientas e información
- https://git.kernel.org/stable/c/349638f7e5d3c7d328565587bb7b0454bbee02e2
- https://git.kernel.org/stable/c/51fe0a470543f345e3c62b6798929de3ddcedc1d
- https://git.kernel.org/stable/c/5bb09dddc724c5f7c4dc6dd3bfebd685eecd93e8
- https://git.kernel.org/stable/c/61054a8ddb176b155a8f2bacdfefb3727187f5d9
- https://git.kernel.org/stable/c/625b70d31dd4df4b96b3ddcbe251debb33bd67f5
- https://git.kernel.org/stable/c/ba6673824efa3dc198b04a54e69dce480066d7d9