| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025122419-CVE-2023-54129-8cb3@gregkh> Date: Wed, 24 Dec 2025 14:07:26 +0100 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...nel.org> Subject: CVE-2023-54129: octeontx2-af: Add validation for lmac type From: Greg Kroah-Hartman <gregkh@...nel.org> Description =========== In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: Add validation for lmac type Upon physical link change, firmware reports to the kernel about the change along with the details like speed, lmac_type_id, etc. Kernel derives lmac_type based on lmac_type_id received from firmware. In a few scenarios, firmware returns an invalid lmac_type_id, which is resulting in below kernel panic. This patch adds the missing validation of the lmac_type_id field. Internal error: Oops: 96000005 [#1] PREEMPT SMP [ 35.321595] Modules linked in: [ 35.328982] CPU: 0 PID: 31 Comm: kworker/0:1 Not tainted 5.4.210-g2e3169d8e1bc-dirty #17 [ 35.337014] Hardware name: Marvell CN103XX board (DT) [ 35.344297] Workqueue: events work_for_cpu_fn [ 35.352730] pstate: 40400089 (nZcv daIf +PAN -UAO) [ 35.360267] pc : strncpy+0x10/0x30 [ 35.366595] lr : cgx_link_change_handler+0x90/0x180 The Linux kernel CVE team has assigned CVE-2023-54129 to this issue. Affected and fixed versions =========================== Issue introduced in 4.20 with commit 61071a871ea6eb2125ece91c1a0dbb124a318c8a and fixed in 6.1.32 with commit 83a7f27c5b94e43f29f8216a32790751139aa61e Issue introduced in 4.20 with commit 61071a871ea6eb2125ece91c1a0dbb124a318c8a and fixed in 6.2.16 with commit afd7660c766c4d317feae004e5cd829390bbc4b0 Issue introduced in 4.20 with commit 61071a871ea6eb2125ece91c1a0dbb124a318c8a and fixed in 6.3.3 with commit 5c0268b141ad612b6fca13d3a66cfda111716dbb Issue introduced in 4.20 with commit 61071a871ea6eb2125ece91c1a0dbb124a318c8a and fixed in 6.4 with commit cb5edce271764524b88b1a6866b3e626686d9a33 Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2023-54129 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: drivers/net/ethernet/marvell/octeontx2/af/cgx.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/83a7f27c5b94e43f29f8216a32790751139aa61e https://git.kernel.org/stable/c/afd7660c766c4d317feae004e5cd829390bbc4b0 https://git.kernel.org/stable/c/5c0268b141ad612b6fca13d3a66cfda111716dbb https://git.kernel.org/stable/c/cb5edce271764524b88b1a6866b3e626686d9a33
Powered by blists - more mailing lists