CVE-2023-52626
net/mlx5e: Fix operation precedence bug in port timestamping napi_poll context
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix operation precedence bug in port timestamping napi_poll context Indirection (*) is of lower precedence than postfix increment (++). Logic
in napi_poll context would cause an out-of-bound read by first increment
the pointer address by byte address space and then dereference the value.
Rather, the intended logic was to dereference first and then increment the
underlying value.
En el kernel de Linux, se resolvió la siguiente vulnerabilidad: net/mlx5e: se corrigió el error de precedencia de operación en la marca de tiempo del puerto contexto napi_poll La indirección (*) tiene menor prioridad que el incremento de postfijo (++). La lógica en el contexto napi_poll provocaría una lectura fuera de los límites al incrementar primero la dirección del puntero por espacio de direcciones de bytes y luego desreferenciar el valor. Más bien, la lógica prevista era desreferenciar primero y luego incrementar el valor subyacente.
An operation precedence flaw was found in the Linux kernel’s Mellanox Technologies networking driver. This flaw allows a local user to crash the system or potentially gain access to data that should not be accessible.
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix operation precedence bug in port timestamping napi_poll context Indirection (*) is of lower precedence than postfix increment (++). Logic in napi_poll context would cause an out-of-bound read by first increment the pointer address by byte address space and then dereference the value. Rather, the intended logic was to dereference first and then increment the underlying value.
CVSS Scores
SSVC
- Decision:Track
Timeline
- 2024-03-06 CVE Reserved
- 2024-03-26 CVE Published
- 2024-03-27 EPSS Updated
- 2024-12-19 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-125: Out-of-bounds Read
CAPEC
References (8)
| URL | Tag | Source |
|---|---|---|
| https://git.kernel.org/stable/c/e5d30f7da35720060299483e65fc372980a82dfb | Vuln. Introduced | |
| https://git.kernel.org/stable/c/92214be5979c0961a471b7eaaaeacab41bdf456c | Vuln. Introduced | |
| https://git.kernel.org/stable/c/42b11d1293e5a0f932c0b6e891b2c7bae57b839d | Vuln. Introduced |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://access.redhat.com/security/cve/CVE-2023-52626 | 2024-07-08 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=2271680 | 2024-07-08 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 6.6.3 < 6.6.15 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.6.3 < 6.6.15" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 6.7 < 6.7.3 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.7 < 6.7.3" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 6.7 < 6.8 Search vendor "Linux" for product "Linux Kernel" and version " >= 6.7 < 6.8" | en |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | 6.5.13 Search vendor "Linux" for product "Linux Kernel" and version "6.5.13" | en |
Affected
| ||||||