CVE-2023-54168 — Integer Overflow or Wraparound in Linux

CWE-190 — Integer Overflow or Wraparound7 documents6 sources

Severity

6.6MEDIUM

No vector

EPSS

0.0%

top 89.30%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux

Timeline

PublishedDec 30

Description

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx4: Prevent shift wrapping in set_user_sq_size() The ucmd->log_sq_bb_count variable is controlled by the user so this shift can wrap. Fix it by using check_shl_overflow() in the same way that it was done in commit 515f60004ed9 ("RDMA/hns: Prevent undefined behavior in hns_roce_set_user_sq_size()").

Affected Packages4 packages

▶Linuxlinux/linux_kernel2.6.24 — 4.19.283+6

▶Debianlinux/linux_kernel< 5.10.191-1+3

▶CVEListV5linux/linux839041329fd3410e07d614f81e75bb43367d8f89 — 3d5ae269c4bd392ec1edbfb3bd031b8f42d7feff+8

▶debiandebian/linux< linux 6.1.37-1 (bookworm)

🔴Vulnerability Details

OSV

RDMA/mlx4: Prevent shift wrapping in set_user_sq_size()↗2025-12-30

▶

GHSA

GHSA-54vr-v43g-gq47: In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx4: Prevent shift wrapping in set_user_sq_size() The ucmd->log_sq_bb_coun↗2025-12-30

▶

OSV

CVE-2023-54168: In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx4: Prevent shift wrapping in set_user_sq_size() The ucmd->log_sq_bb_count↗2025-12-30

▶

📋Vendor Advisories

Red Hat

kernel: RDMA/mlx4: Prevent shift wrapping in set_user_sq_size()↗2025-12-30

▶

Debian

CVE-2023-54168: linux - In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx4: ...↗2023

▶

🕵️Threat Intelligence

Wiz

CVE-2023-54168 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶