CVE-2023-53272
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
16/09/2025
Last modified:
16/09/2025
Description
In the Linux kernel, the following vulnerability has been resolved:

net: ena: fix shift-out-of-bounds in exponential backoff

The ENA adapters on our instances occasionally reset. Once recently
logged a UBSAN failure to console in the process:

UBSAN: shift-out-of-bounds in build/linux/drivers/net/ethernet/amazon/ena/ena_com.c:540:13
shift exponent 32 is too large for 32-bit type 'unsigned int'
CPU: 28 PID: 70012 Comm: kworker/u72:2 Kdump: loaded not tainted 5.15.117
Hardware name: Amazon EC2 c5d.9xlarge/, BIOS 1.0 10/16/2017
Workqueue: ena ena_fw_reset_device [ena]
Call Trace:

dump_stack_lvl+0x4a/0x63
dump_stack+0x10/0x16
ubsan_epilogue+0x9/0x36
__ubsan_handle_shift_out_of_bounds.cold+0x61/0x10e
? __const_udelay+0x43/0x50
ena_delay_exponential_backoff_us.cold+0x16/0x1e [ena]
wait_for_reset_state+0x54/0xa0 [ena]
ena_com_dev_reset+0xc8/0x110 [ena]
ena_down+0x3fe/0x480 [ena]
ena_destroy_device+0xeb/0xf0 [ena]
ena_fw_reset_device+0x30/0x50 [ena]
process_one_work+0x22b/0x3d0
worker_thread+0x4d/0x3f0
? process_one_work+0x3d0/0x3d0
kthread+0x12a/0x150
? set_kthread_struct+0x50/0x50
ret_from_fork+0x22/0x30

Apparently, the reset delays are getting so large they can trigger a
UBSAN panic.

Looking at the code, the current timeout is capped at 5000us. Using a
base value of 100us, the current code will overflow after (1
Impact
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/0939c264729d4a081ff88efce2ffdf85dc5331e0
- https://git.kernel.org/stable/c/1e760b2d18bf129b3da052c2946c02758e97d15e
- https://git.kernel.org/stable/c/1e9cb763e9bacf0c932aa948f50dcfca6f519a26
- https://git.kernel.org/stable/c/3e36cc94d6e60a27f27498adf1c71eeba769ab33
- https://git.kernel.org/stable/c/90947ebf8794e3c229fb2e16e37f1bfea6877f14
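
The bug class reported in the Description, as an added example that is not code from the ENA driver or from the commits referenced above. It shows one way to keep an exponential backoff's shift count in range: clamp the exponent before shifting, then clamp the delay. The function names and the clamping strategy are assumptions made for illustration; only the 100us base and 5000us cap come from the description.

```c
#include <stdint.h>
#include <stdio.h>

/* From the description: 100us base delay, 5000us cap. */
#define BASE_DELAY_US 100u
#define MAX_DELAY_US  5000u
#define SHIFT_WIDTH   32u /* bits in the shifted type; a count >= this is undefined */

/* Nonzero when (1U << exp) would be the kind of shift UBSAN reports. */
static int shift_is_out_of_bounds(uint32_t exp)
{
    return exp >= SHIFT_WIDTH;
}

/*
 * Hypothetical helper: the smallest exponent at which base << exp reaches
 * the cap. Any larger exponent cannot change the clamped delay.
 */
static uint32_t max_useful_exp(uint32_t base_us, uint32_t cap_us)
{
    uint32_t exp = 0;

    while (exp < SHIFT_WIDTH - 1 && ((uint64_t)base_us << exp) < cap_us)
        exp++;
    return exp;
}

/* Hypothetical backoff: clamp the exponent first, then clamp the delay. */
static uint32_t backoff_us(uint32_t exp, uint32_t base_us, uint32_t cap_us)
{
    uint32_t limit = max_useful_exp(base_us, cap_us);
    uint64_t delay;

    if (exp > limit)
        exp = limit;                  /* shift count is now always < 32 */
    delay = (uint64_t)base_us << exp; /* 64-bit intermediate cannot wrap */
    return delay > cap_us ? cap_us : (uint32_t)delay;
}

int main(void)
{
    uint32_t samples[] = { 0, 3, 5, 6, 31, 32, 1000 }; /* constructed inputs */
    size_t i;

    for (i = 0; i < sizeof(samples) / sizeof(samples[0]); i++)
        printf("exp=%u oob=%d delay=%uus\n", (unsigned)samples[i],
               shift_is_out_of_bounds(samples[i]),
               (unsigned)backoff_us(samples[i], BASE_DELAY_US, MAX_DELAY_US));
    return 0;
}
```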



