CVE-2023-53019

The caller may pass any value as addr, what may result in an out-of-bounds access to array mdiomap. One existing case is stmmacinit_phy() that may pass -1 as addr. Therefore validate addr before using it.

Database specific

{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53019.json",
    "cna_assigner": "Linux"
}

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

7f854420fbfe9d49afe2ffb1df052cfe8e215541

Fixed

1d80c259dfbadefa61b7ea334dfce5cb57f8c72f

Fixed

c431a3d642593bbdb99e8a9e3eed608b730db6f8

Fixed

8a7b9560a3a8eb8724888c426e05926752f73aa0

Fixed

4bc5f1f6bc94e695dfd912122af96e7115a0ddb8

Fixed

ad67de330d83e8078372b52af18ffe8d39e26c85

Fixed

7879626296e6ffd838ae0f2af1ab49ee46354973

Fixed

867dbe784c5010a466f00a7d1467c1c5ea569c75

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53019.json"

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

4.5.0

Fixed

4.14.305

Type: ECOSYSTEM
Events: Introduced

4.15.0

Fixed

4.19.272

Type: ECOSYSTEM
Events: Introduced

4.20.0

Fixed

5.4.231

Type: ECOSYSTEM
Events: Introduced

5.5.0

Fixed

5.10.166

Type: ECOSYSTEM
Events: Introduced

5.11.0

Fixed

5.15.91

Type: ECOSYSTEM
Events: Introduced

5.16.0

Fixed

6.1.9

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53019.json"