CVE-2023-53034

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2023-53034
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53034.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2023-53034
Downstream
Related
Published
2025-04-16T14:11:41.985Z
Modified
2026-05-15T11:54:08.618304373Z
Summary
ntb_hw_switchtec: Fix shift-out-of-bounds in switchtec_ntb_mw_set_trans
Details

In the Linux kernel, the following vulnerability has been resolved:

ntbhwswitchtec: Fix shift-out-of-bounds in switchtecntbmwsettrans

There is a kernel API ntbmwcleartrans() would pass 0 to both addr and size. This would make xlatepos negative.

[ 23.734156] switchtec switchtec0: MW 0: part 0 addr 0x0000000000000000 size 0x0000000000000000 [ 23.734158] ================================================================================ [ 23.734172] UBSAN: shift-out-of-bounds in drivers/ntb/hw/mscc/ntbhwswitchtec.c:293:7 [ 23.734418] shift exponent -1 is negative

Ensuring xlate_pos is a positive or zero before BIT.

Database specific 
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53034.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
4.16.0
Fixed
5.4.292
Type
ECOSYSTEM
Events
Introduced
5.5.0
Fixed
5.10.236
Type
ECOSYSTEM
Events
Introduced
5.11.0
Fixed
5.15.180
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
6.1.134
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.6.87
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.12.23
Type
ECOSYSTEM
Events
Introduced
6.13.0
Fixed
6.13.11
Type
ECOSYSTEM
Events
Introduced
6.14.0
Fixed
6.14.2

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53034.json"