CVE-2023-54129

EPSS 0.03%
Veröffentlicht 24.12.2025 13:06:46
Zuletzt bearbeitet 29.12.2025 15:58:34
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

octeontx2-af: Add validation for lmac type

Upon physical link change, firmware reports to the kernel about the
change along with the details like speed, lmac_type_id, etc.
Kernel derives lmac_type based on lmac_type_id received from firmware.

In a few scenarios, firmware returns an invalid lmac_type_id, which
is resulting in below kernel panic. This patch adds the missing
validation of the lmac_type_id field.

Internal error: Oops: 96000005 [#1] PREEMPT SMP
[   35.321595] Modules linked in:
[   35.328982] CPU: 0 PID: 31 Comm: kworker/0:1 Not tainted
5.4.210-g2e3169d8e1bc-dirty #17
[   35.337014] Hardware name: Marvell CN103XX board (DT)
[   35.344297] Workqueue: events work_for_cpu_fn
[   35.352730] pstate: 40400089 (nZcv daIf +PAN -UAO)
[   35.360267] pc : strncpy+0x10/0x30
[   35.366595] lr : cgx_link_change_handler+0x90/0x180

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 7

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 83a7f27c5b94e43f29f8216a32790751139aa61e

Version 61071a871ea6eb2125ece91c1a0dbb124a318c8a

Status affected

Version < afd7660c766c4d317feae004e5cd829390bbc4b0

Version 61071a871ea6eb2125ece91c1a0dbb124a318c8a

Status affected

Version < 5c0268b141ad612b6fca13d3a66cfda111716dbb

Version 61071a871ea6eb2125ece91c1a0dbb124a318c8a

Status affected

Version < cb5edce271764524b88b1a6866b3e626686d9a33

Version 61071a871ea6eb2125ece91c1a0dbb124a318c8a

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 4.20

Status affected

Version < 4.20

Version 0

Status unaffected

Version <= 6.1.*

Version 6.1.32

Status unaffected

Version <= 6.2.*

Version 6.2.16

Status unaffected

Version <= 6.3.*

Version 6.3.3

Status unaffected

Version <= *

Version 6.4

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.064

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/83a7f27c5b94e43f29f8216a32790751139aa61e

https://git.kernel.org/stable/c/afd7660c766c4d317feae004e5cd829390bbc4b0

https://git.kernel.org/stable/c/5c0268b141ad612b6fca13d3a66cfda111716dbb

https://git.kernel.org/stable/c/cb5edce271764524b88b1a6866b3e626686d9a33

https://nvd.nist.gov/vuln/detail/CVE-2023-54129

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-54129

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-54129

EUVD