CVE-2023-53010
- Source
- https://cve.org/CVERecord?id=CVE-2023-53010
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53010.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2023-53010
- Downstream
- Related
- Published
- 2025-03-27T16:43:40.228Z
- Modified
- 2026-03-20T12:32:54.832278Z
- Summary
- bnxt: Do not read past the end of test names
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
bnxt: Do not read past the end of test names
Test names were being concatenated based on a offset beyond the end of the first name, which tripped the buffer overflow detection logic:
detected buffer overflow in strnlen [...] Call Trace: bnxtethtoolinit.cold+0x18/0x18
Refactor struct hwrmselftestqlist_output to use an actual array, and adjust the concatenation to use snprintf() rather than a series of strncat() calls.
- Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53010.json", "cna_assigner": "Linux" }- References
-
- https://git.kernel.org/stable/c/cefa85480ac99c0bef5a09daadb48d65fc28e279
- https://git.kernel.org/stable/c/d3e599c090fc6977331150c5f0a69ab8ce87da21
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53010.json
- https://nvd.nist.gov/vuln/detail/CVE-2023-53010
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git