CVE-2023-54008Numeric Range Comparison Without Minimum Check in Linux

CWE-839Numeric Range Comparison Without Minimum Check7 documents6 sources
Severity
3.3LOW
No vector
EPSS
0.0%
top 93.24%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedDec 24

Description

In the Linux kernel, the following vulnerability has been resolved: virtio_vdpa: build affinity masks conditionally We try to build affinity mask via create_affinity_masks() unconditionally which may lead several issues: - the affinity mask is not used for parent without affinity support (only VDUSE support the affinity now) - the logic of create_affinity_masks() might not work for devices other than block. For example it's not rare in the networking device where the number of queues could ex

Affected Packages4 packages

Linuxlinux/linux_kernel6.4.06.4.16+1
Debianlinux/linux_kernel< 6.5.3-1+1
CVEListV5linux/linux3dad56823b5332ffdbe1867b2d7b50fbacea124a5f2592243ccd5bb5341f59be409ccfdd586841f3+3
debiandebian/linux< linux 6.5.3-1 (forky)

🔴Vulnerability Details

3
OSV
CVE-2023-54008: In the Linux kernel, the following vulnerability has been resolved: virtio_vdpa: build affinity masks conditionally We try to build affinity mask via2025-12-24
GHSA
GHSA-hw63-h9pm-9g4x: In the Linux kernel, the following vulnerability has been resolved: virtio_vdpa: build affinity masks conditionally We try to build affinity mask vi2025-12-24
OSV
virtio_vdpa: build affinity masks conditionally2025-12-24

📋Vendor Advisories

2
Red Hat
kernel: virtio_vdpa: build affinity masks conditionally2025-12-24
Debian
CVE-2023-54008: linux - In the Linux kernel, the following vulnerability has been resolved: virtio_vdpa...2023

🕵️Threat Intelligence

1
Wiz
CVE-2023-54008 Impact, Exploitability, and Mitigation Steps | Wiz