-

CVE-2023-53495

EPSS 0.03%
Veröffentlicht 01.10.2025 12:15:52
Zuletzt bearbeitet 02.10.2025 19:12:17
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
Teams Watchlist Login
Unerledigt Login

In the Linux kernel, the following vulnerability has been resolved:

net: ethernet: mvpp2_main: fix possible OOB write in mvpp2_ethtool_get_rxnfc()

rules is allocated in ethtool_get_rxnfc and the size is determined by
rule_cnt from user space. So rule_cnt needs to be check before using
rules to avoid OOB writing or NULL pointer dereference.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 9

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < ba6673824efa3dc198b04a54e69dce480066d7d9

Version 90b509b39ac9b09be88eb641c7a3abd8de06b698

Status affected

Version < 61054a8ddb176b155a8f2bacdfefb3727187f5d9

Version 90b509b39ac9b09be88eb641c7a3abd8de06b698

Status affected

Version < 5bb09dddc724c5f7c4dc6dd3bfebd685eecd93e8

Version 90b509b39ac9b09be88eb641c7a3abd8de06b698

Status affected

Version < 349638f7e5d3c7d328565587bb7b0454bbee02e2

Version 90b509b39ac9b09be88eb641c7a3abd8de06b698

Status affected

Version < 625b70d31dd4df4b96b3ddcbe251debb33bd67f5

Version 90b509b39ac9b09be88eb641c7a3abd8de06b698

Status affected

Version < 51fe0a470543f345e3c62b6798929de3ddcedc1d

Version 90b509b39ac9b09be88eb641c7a3abd8de06b698

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 5.2

Status affected

Version < 5.2

Version 0

Status unaffected

Version <= 5.4.*

Version 5.4.257

Status unaffected

Version <= 5.10.*

Version 5.10.195

Status unaffected

Version <= 5.15.*

Version 5.15.132

Status unaffected

Version <= 6.1.*

Version 6.1.54

Status unaffected

Version <= 6.5.*

Version 6.5.4

Status unaffected

Version <= *

Version 6.6

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.081

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

https://git.kernel.org/stable/c/349638f7e5d3c7d328565587bb7b0454bbee02e2

https://git.kernel.org/stable/c/51fe0a470543f345e3c62b6798929de3ddcedc1d

https://git.kernel.org/stable/c/5bb09dddc724c5f7c4dc6dd3bfebd685eecd93e8

https://git.kernel.org/stable/c/61054a8ddb176b155a8f2bacdfefb3727187f5d9

https://git.kernel.org/stable/c/625b70d31dd4df4b96b3ddcbe251debb33bd67f5

https://git.kernel.org/stable/c/ba6673824efa3dc198b04a54e69dce480066d7d9

https://nvd.nist.gov/vuln/detail/CVE-2023-53495

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-53495

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-53495

EUVD