CVE-2023-53495

rules is allocated in ethtoolgetrxnfc and the size is determined by rulecnt from user space. So rulecnt needs to be check before using rules to avoid OOB writing or NULL pointer dereference.

Database specific

{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53495.json",
    "cna_assigner": "Linux"
}

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

90b509b39ac9b09be88eb641c7a3abd8de06b698

Fixed

ba6673824efa3dc198b04a54e69dce480066d7d9

Fixed

61054a8ddb176b155a8f2bacdfefb3727187f5d9

Fixed

5bb09dddc724c5f7c4dc6dd3bfebd685eecd93e8

Fixed

349638f7e5d3c7d328565587bb7b0454bbee02e2

Fixed

625b70d31dd4df4b96b3ddcbe251debb33bd67f5

Fixed

51fe0a470543f345e3c62b6798929de3ddcedc1d

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53495.json"