CVE-2023-54156

efxnetstats() (.ndogetstats64) can be called during an ethtool selftest, during which time nicdata->mcstats is NULL as the NIC has been fini'd. In this case do not attempt to fetch the latest stats from the hardware, else we will crash on a NULL dereference: BUG: kernel NULL pointer dereference, address: 0000000000000038 RIP efxnicupdatestats abridged calltrace: efxef10updatestatspf efxnetstats devgetstats devseqprintfstats Skipping the read is safe, we will simply give out stale stats. To ensure that the free in efxef10fininic() does not race against efxef10updatestatspf(), which could cause a TOCTTOU bug, take the efx->statslock in fininic (it is already held across updatestats).

Database specific

{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/54xxx/CVE-2023-54156.json"
}

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

d3142c193dca9a2f6878f4128ce1aaf221bb3f99

Fixed

cb1aa7cc562cab6a87ea33574c8c65f2d2fd7aeb

Fixed

91f4ef204e731565afdc6c2a7fcf509a3fd6fd67

Fixed

446f5567934331923d0aec4ce045e4ecb0174aae

Fixed

470152d76b3ed107d172ea46acc4bfa941f20b4b

Fixed

aba32b4c58112960c0c708703ca6b44dc8944082

Fixed

d1b355438b8325a486f087e506d412c4e852f37b

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-54156.json"

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

5.9.0

Fixed

5.10.188

Type: ECOSYSTEM
Events: Introduced

5.11.0

Fixed

5.15.121

Type: ECOSYSTEM
Events: Introduced

5.16.0

Fixed

6.1.39

Type: ECOSYSTEM
Events: Introduced

6.2.0

Fixed

6.3.13

Type: ECOSYSTEM
Events: Introduced

6.4.0

Fixed

6.4.4

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-54156.json"