gsd - gsd-2023-52532

gsd-2023-52532

Vulnerability from gsd

Modified

2024-02-21 06:01

Details

In the Linux kernel, the following vulnerability has been resolved: net: mana: Fix TX CQE error handling For an unknown TX CQE error type (probably from a newer hardware), still free the SKB, update the queue tail, etc., otherwise the accounting will be wrong. Also, TX errors can be triggered by injecting corrupted packets, so replace the WARN_ONCE to ratelimited error logging.

Aliases

CVE-2023-52532

JSON

To clipboard

{
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2023-52532"
      ],
      "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: mana: Fix TX CQE error handling\n\nFor an unknown TX CQE error type (probably from a newer hardware),\nstill free the SKB, update the queue tail, etc., otherwise the\naccounting will be wrong.\n\nAlso, TX errors can be triggered by injecting corrupted packets, so\nreplace the WARN_ONCE to ratelimited error logging.",
      "id": "GSD-2023-52532",
      "modified": "2024-02-21T06:01:53.231034Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@kernel.org",
        "ID": "CVE-2023-52532",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Linux",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c",
                          "version_name": "ca9c54d2d6a5",
                          "version_value": "b67d7b1bfc46"
                        },
                        {
                          "version_value": "not down converted",
                          "x_cve_json_5_version_data": {
                            "defaultStatus": "affected",
                            "versions": [
                              {
                                "status": "affected",
                                "version": "5.13"
                              },
                              {
                                "lessThan": "5.13",
                                "status": "unaffected",
                                "version": "0",
                                "versionType": "custom"
                              },
                              {
                                "lessThanOrEqual": "6.1.*",
                                "status": "unaffected",
                                "version": "6.1.59",
                                "versionType": "custom"
                              },
                              {
                                "lessThanOrEqual": "6.5.*",
                                "status": "unaffected",
                                "version": "6.5.7",
                                "versionType": "custom"
                              },
                              {
                                "lessThanOrEqual": "*",
                                "status": "unaffected",
                                "version": "6.6",
                                "versionType": "original_commit_for_fix"
                              }
                            ]
                          }
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Linux"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: mana: Fix TX CQE error handling\n\nFor an unknown TX CQE error type (probably from a newer hardware),\nstill free the SKB, update the queue tail, etc., otherwise the\naccounting will be wrong.\n\nAlso, TX errors can be triggered by injecting corrupted packets, so\nreplace the WARN_ONCE to ratelimited error logging."
          }
        ]
      },
      "generator": {
        "engine": "bippy-4986f5686161"
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://git.kernel.org/stable/c/b67d7b1bfc46d05c1a58b172516454698e8d5004",
            "refsource": "MISC",
            "url": "https://git.kernel.org/stable/c/b67d7b1bfc46d05c1a58b172516454698e8d5004"
          },
          {
            "name": "https://git.kernel.org/stable/c/a910e0f6304726da30a212feecec65cb97ff7a80",
            "refsource": "MISC",
            "url": "https://git.kernel.org/stable/c/a910e0f6304726da30a212feecec65cb97ff7a80"
          },
          {
            "name": "https://git.kernel.org/stable/c/b2b000069a4c307b09548dc2243f31f3ca0eac9c",
            "refsource": "MISC",
            "url": "https://git.kernel.org/stable/c/b2b000069a4c307b09548dc2243f31f3ca0eac9c"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "cve": {
        "descriptions": [
          {
            "lang": "en",
            "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: mana: Fix TX CQE error handling\n\nFor an unknown TX CQE error type (probably from a newer hardware),\nstill free the SKB, update the queue tail, etc., otherwise the\naccounting will be wrong.\n\nAlso, TX errors can be triggered by injecting corrupted packets, so\nreplace the WARN_ONCE to ratelimited error logging."
          }
        ],
        "id": "CVE-2023-52532",
        "lastModified": "2024-03-04T13:58:23.447",
        "metrics": {},
        "published": "2024-03-02T22:15:48.660",
        "references": [
          {
            "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
            "url": "https://git.kernel.org/stable/c/a910e0f6304726da30a212feecec65cb97ff7a80"
          },
          {
            "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
            "url": "https://git.kernel.org/stable/c/b2b000069a4c307b09548dc2243f31f3ca0eac9c"
          },
          {
            "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
            "url": "https://git.kernel.org/stable/c/b67d7b1bfc46d05c1a58b172516454698e8d5004"
          }
        ],
        "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "vulnStatus": "Awaiting Analysis"
      }
    }
  }
}

cve-2023-52532

Vulnerability from cvelistv5

Published

2024-03-02 21:52

Modified

2024-08-02 23:03

Severity

Summary

net: mana: Fix TX CQE error handling

References

URL	Tags
https://git.kernel.org/stable/c/b67d7b1bfc46d05c1a58b172516454698e8d5004
https://git.kernel.org/stable/c/a910e0f6304726da30a212feecec65cb97ff7a80
https://git.kernel.org/stable/c/b2b000069a4c307b09548dc2243f31f3ca0eac9c

Impacted products

Vendor	Product
Linux	Linux
Linux	Linux

Show details on NVD website