CVE-2023-53661

EPSS 0.02%
Veröffentlicht 07.10.2025 15:21:20
Zuletzt bearbeitet 03.02.2026 19:55:25
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

bnxt: avoid overflow in bnxt_get_nvram_directory()

The value of an arithmetic expression is subject
of possible overflow due to a failure to cast operands to a larger data
type before performing arithmetic. Used macro for multiplication instead
operator for avoiding overflow.

Found by Security Code and Linux Verification
Center (linuxtesting.org) with SVACE.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 7

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version >= 4.4 < 5.15.113

Linux ≫ Linux Kernel Version >= 5.16 < 6.1.30

Linux ≫ Linux Kernel Version >= 6.2 < 6.3.4

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.02%	0.052

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE-190 Integer Overflow or Wraparound

The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.

https://git.kernel.org/stable/c/d5eaf2a6b077f32a477feb1e9e1c1f60605b460e

Patch

https://git.kernel.org/stable/c/efb1a257513438d43f4335f09b2f684e8167cad2

Patch

https://git.kernel.org/stable/c/17e0453a7523ad7a25bb47af941b150a6c66d7b6

Patch

https://git.kernel.org/stable/c/7c6dddc239abe660598c49ec95ea0ed6399a4b2a

Patch

https://nvd.nist.gov/vuln/detail/CVE-2023-53661

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-53661

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-53661

EUVD