CVE-2023-54074Incorrect Type Conversion or Cast in Linux

CWE-704Incorrect Type Conversion or Cast7 documents6 sources
Severity
3.6LOW
No vector
EPSS
0.0%
top 93.24%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedDec 24

Description

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Use correct encap attribute during invalidation With introduction of post action infrastructure most of the users of encap attribute had been modified in order to obtain the correct attribute by calling mlx5e_tc_get_encap_attr() helper instead of assuming encap action is always on default attribute. However, the cited commit didn't modify mlx5e_invalidate_encap() which prevents it from destroying correct modify head

Affected Packages4 packages

Linuxlinux/linux_kernel5.18.06.1.31+1
Debianlinux/linux_kernel< 6.1.37-1+2
CVEListV5linux/linux8300f225268be9ee2c0daf5a3f23929fcdcbf21300959a1bad58e4b6c14a2729f84d354255073609+3
debiandebian/linux< linux 6.1.37-1 (bookworm)

🔴Vulnerability Details

3
OSV
net/mlx5e: Use correct encap attribute during invalidation2025-12-24
GHSA
GHSA-cwm2-rxg5-4hcx: In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Use correct encap attribute during invalidation With introduction of2025-12-24
OSV
CVE-2023-54074: In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Use correct encap attribute during invalidation With introduction of po2025-12-24

📋Vendor Advisories

2
Red Hat
kernel: Linux kernel: Denial of Service in mlx5e due to incorrect encap attribute handling2025-12-24
Debian
CVE-2023-54074: linux - In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: ...2023

🕵️Threat Intelligence

1
Wiz
CVE-2023-54074 Impact, Exploitability, and Mitigation Steps | Wiz