CVE-2023-53811: Improper Validation of Specified Index, Position, or Offset in Input in Linux

Severity
4.4 MEDIUM
No vector
EPSS
0.0%
top 90.17%
CISA KEV
Not in KEV
Exploit
No known exploits
Timeline
Published Dec 9

Description

In the Linux kernel, the following vulnerability has been resolved:

RDMA/irdma: Cap MSIX used to online CPUs + 1

The irdma driver can use a maximum number of msix vectors equal to num_online_cpus() + 1 and the kernel warning stack below is shown if that number is exceeded. The kernel throws a warning as the driver tries to update the affinity hint with a CPU mask greater than the max CPU IDs. Fix this by capping the MSIX vectors to num_online_cpus() + 1.

WARNING: CPU: 7 PID: 23655 at include

Affected Packages (4 packages)

Linux: linux/linux_kernel 5.14.0 5.15.99 (+2)
Debian: linux/linux_kernel < 6.1.20-1 (+2)
CVEListV5: linux/linux 44d9e52977a1b90b0db1c7f8b197c218e9226520 87674a359ad173a3b8cd484e92e4f1901666da4c (+4)
debian: debian/linux < linux 6.1.20-1 (bookworm)

Vulnerability Details (3)

OSV
RDMA/irdma: Cap MSIX used to online CPUs + 1 (2025-12-09)
GHSA
GHSA-4q86-c76w-9mx5: In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Cap MSIX used to online CPUs + 1 The irdma driver can use a maximum (2025-12-09)
OSV
CVE-2023-53811: In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Cap MSIX used to online CPUs + 1 The irdma driver can use a maximum nu (2025-12-09)

Vendor Advisories (2)

Red Hat
kernel: RDMA/irdma: Cap MSIX used to online CPUs + 1 (2025-12-09)
Debian
CVE-2023-53811: linux - In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma:... (2023)