vulnerability

Red Hat: CVE-2023-52626: kernel: net/mlx5e: Fix operation precedence bug in port timestamping napi_poll context (Multiple Advisories)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
6	(AV:L/AC:L/Au:M/C:C/I:N/A:C)	2024-03-26	2024-07-03	2025-03-19

Severity

CVSS

(AV:L/AC:L/Au:M/C:C/I:N/A:C)

Published

2024-03-26

Added

2024-07-03

Modified

2025-03-19

Description

In the Linux kernel, the following vulnerability has been resolved:

net/mlx5e: Fix operation precedence bug in port timestamping napi_poll context

Indirection (*) is of lower precedence than postfix increment (++). Logic
in napi_poll context would cause an out-of-bound read by first increment
the pointer address by byte address space and then dereference the value.
Rather, the intended logic was to dereference first and then increment the
underlying value.

Solution(s)

redhat-upgrade-kernelredhat-upgrade-kernel-rt

References

NVD-CVE-2023-52626
REDHAT-RHSA-2024:4211
REDHAT-RHSA-2024:4349
REDHAT-RHSA-2024:4352

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today