CVE-2023-53010

Source
https://nvd.nist.gov/vuln/detail/CVE-2023-53010
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-53010.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-53010
Downstream
Related
Published
2025-03-27T16:43:40Z
Modified
2025-10-21T15:19:32.233417Z
Summary
bnxt: Do not read past the end of test names
Details

In the Linux kernel, the following vulnerability has been resolved:

bnxt: Do not read past the end of test names

Test names were being concatenated based on a offset beyond the end of the first name, which tripped the buffer overflow detection logic:

detected buffer overflow in strnlen [...] Call Trace: bnxtethtoolinit.cold+0x18/0x18

Refactor struct hwrmselftestqlist_output to use an actual array, and adjust the concatenation to use snprintf() rather than a series of strncat() calls.

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
eb51365846bc418687af4c4f41b68b6e84cdd449
Fixed
cefa85480ac99c0bef5a09daadb48d65fc28e279
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
eb51365846bc418687af4c4f41b68b6e84cdd449
Fixed
d3e599c090fc6977331150c5f0a69ab8ce87da21

Affected versions

v4.*

v4.11
v4.11-rc4
v4.11-rc5
v4.11-rc6
v4.11-rc7
v4.11-rc8
v4.12
v4.12-rc1
v4.12-rc2
v4.12-rc3
v4.12-rc4
v4.12-rc5
v4.12-rc6
v4.12-rc7
v4.13
v4.13-rc1
v4.13-rc2
v4.13-rc3
v4.13-rc4
v4.13-rc5
v4.13-rc6
v4.13-rc7
v4.14
v4.14-rc1
v4.14-rc2
v4.14-rc3
v4.14-rc4
v4.14-rc5
v4.14-rc6
v4.14-rc7
v4.14-rc8
v4.15
v4.15-rc1
v4.15-rc2
v4.15-rc3
v4.15-rc4
v4.15-rc5
v4.15-rc6
v4.15-rc7
v4.15-rc8
v4.15-rc9
v4.16
v4.16-rc1
v4.16-rc2
v4.16-rc3
v4.16-rc4
v4.16-rc5
v4.16-rc6
v4.16-rc7
v4.17
v4.17-rc1
v4.17-rc2
v4.17-rc3
v4.17-rc4
v4.17-rc5
v4.17-rc6
v4.17-rc7
v4.18
v4.18-rc1
v4.18-rc2
v4.18-rc3
v4.18-rc4
v4.18-rc5
v4.18-rc6
v4.18-rc7
v4.18-rc8
v4.19
v4.19-rc1
v4.19-rc2
v4.19-rc3
v4.19-rc4
v4.19-rc5
v4.19-rc6
v4.19-rc7
v4.19-rc8
v4.20
v4.20-rc1
v4.20-rc2
v4.20-rc3
v4.20-rc4
v4.20-rc5
v4.20-rc6
v4.20-rc7

v5.*

v5.0
v5.0-rc1
v5.0-rc2
v5.0-rc3
v5.0-rc4
v5.0-rc5
v5.0-rc6
v5.0-rc7
v5.0-rc8
v5.1
v5.1-rc1
v5.1-rc2
v5.1-rc3
v5.1-rc4
v5.1-rc5
v5.1-rc6
v5.1-rc7
v5.10
v5.10-rc1
v5.10-rc2
v5.10-rc3
v5.10-rc4
v5.10-rc5
v5.10-rc6
v5.10-rc7
v5.11
v5.11-rc1
v5.11-rc2
v5.11-rc3
v5.11-rc4
v5.11-rc5
v5.11-rc6
v5.11-rc7
v5.12
v5.12-rc1
v5.12-rc1-dontuse
v5.12-rc2
v5.12-rc3
v5.12-rc4
v5.12-rc5
v5.12-rc6
v5.12-rc7
v5.12-rc8
v5.13
v5.13-rc1
v5.13-rc2
v5.13-rc3
v5.13-rc4
v5.13-rc5
v5.13-rc6
v5.13-rc7
v5.14
v5.14-rc1
v5.14-rc2
v5.14-rc3
v5.14-rc4
v5.14-rc5
v5.14-rc6
v5.14-rc7
v5.15
v5.15-rc1
v5.15-rc2
v5.15-rc3
v5.15-rc4
v5.15-rc5
v5.15-rc6
v5.15-rc7
v5.16
v5.16-rc1
v5.16-rc2
v5.16-rc3
v5.16-rc4
v5.16-rc5
v5.16-rc6
v5.16-rc7
v5.16-rc8
v5.17
v5.17-rc1
v5.17-rc2
v5.17-rc3
v5.17-rc4
v5.17-rc5
v5.17-rc6
v5.17-rc7
v5.17-rc8
v5.18
v5.18-rc1
v5.18-rc2
v5.18-rc3
v5.18-rc4
v5.18-rc5
v5.18-rc6
v5.18-rc7
v5.19
v5.19-rc1
v5.19-rc2
v5.19-rc3
v5.19-rc4
v5.19-rc5
v5.19-rc6
v5.19-rc7
v5.19-rc8
v5.2
v5.2-rc1
v5.2-rc2
v5.2-rc3
v5.2-rc4
v5.2-rc5
v5.2-rc6
v5.2-rc7
v5.3
v5.3-rc1
v5.3-rc2
v5.3-rc3
v5.3-rc4
v5.3-rc5
v5.3-rc6
v5.3-rc7
v5.3-rc8
v5.4
v5.4-rc1
v5.4-rc2
v5.4-rc3
v5.4-rc4
v5.4-rc5
v5.4-rc6
v5.4-rc7
v5.4-rc8
v5.5
v5.5-rc1
v5.5-rc2
v5.5-rc3
v5.5-rc4
v5.5-rc5
v5.5-rc6
v5.5-rc7
v5.6
v5.6-rc1
v5.6-rc2
v5.6-rc3
v5.6-rc4
v5.6-rc5
v5.6-rc6
v5.6-rc7
v5.7
v5.7-rc1
v5.7-rc2
v5.7-rc3
v5.7-rc4
v5.7-rc5
v5.7-rc6
v5.7-rc7
v5.8
v5.8-rc1
v5.8-rc2
v5.8-rc3
v5.8-rc4
v5.8-rc5
v5.8-rc6
v5.8-rc7
v5.9
v5.9-rc1
v5.9-rc2
v5.9-rc3
v5.9-rc4
v5.9-rc5
v5.9-rc6
v5.9-rc7
v5.9-rc8

v6.*

v6.0
v6.0-rc1
v6.0-rc2
v6.0-rc3
v6.0-rc4
v6.0-rc5
v6.0-rc6
v6.0-rc7
v6.1
v6.1-rc1
v6.1-rc2
v6.1-rc3
v6.1-rc4
v6.1-rc5
v6.1-rc6
v6.1-rc7
v6.1-rc8
v6.1.1
v6.1.2
v6.1.3
v6.1.4
v6.1.5
v6.1.6
v6.1.7
v6.1.8
v6.2-rc1
v6.2-rc2
v6.2-rc3

Database specific

vanir_signatures

[
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d3e599c090fc6977331150c5f0a69ab8ce87da21",
        "target": {
            "function": "bnxt_ethtool_init",
            "file": "drivers/net/ethernet/broadcom/bnxt/bnxt_ethtool.c"
        },
        "deprecated": false,
        "signature_version": "v1",
        "id": "CVE-2023-53010-17866b9f",
        "digest": {
            "length": 1757.0,
            "function_hash": "245870376068265566269430896792709010440"
        },
        "signature_type": "Function"
    },
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d3e599c090fc6977331150c5f0a69ab8ce87da21",
        "target": {
            "file": "drivers/net/ethernet/broadcom/bnxt/bnxt_hsi.h"
        },
        "deprecated": false,
        "signature_version": "v1",
        "id": "CVE-2023-53010-89fafae8",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "332212164659559967807882152192246458363",
                "22735894689887782609466709868249349265",
                "29580688817519182100927616242170472861",
                "308335620814138028144624931019234158454",
                "105524719314296886452418425347591164146",
                "182338220662860635212210457723428814353",
                "250153724071169549261850509964676120328",
                "209388211276643782569412754173169313562",
                "112586925865385660026329745801189368524",
                "50290202980753493502433732874263041679",
                "231688859626747322987381727407372596853"
            ]
        },
        "signature_type": "Line"
    },
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@cefa85480ac99c0bef5a09daadb48d65fc28e279",
        "target": {
            "function": "bnxt_ethtool_init",
            "file": "drivers/net/ethernet/broadcom/bnxt/bnxt_ethtool.c"
        },
        "deprecated": false,
        "signature_version": "v1",
        "id": "CVE-2023-53010-a51f7520",
        "digest": {
            "length": 1757.0,
            "function_hash": "245870376068265566269430896792709010440"
        },
        "signature_type": "Function"
    },
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@cefa85480ac99c0bef5a09daadb48d65fc28e279",
        "target": {
            "file": "drivers/net/ethernet/broadcom/bnxt/bnxt_hsi.h"
        },
        "deprecated": false,
        "signature_version": "v1",
        "id": "CVE-2023-53010-a6af73ea",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "332212164659559967807882152192246458363",
                "22735894689887782609466709868249349265",
                "29580688817519182100927616242170472861",
                "308335620814138028144624931019234158454",
                "105524719314296886452418425347591164146",
                "182338220662860635212210457723428814353",
                "250153724071169549261850509964676120328",
                "209388211276643782569412754173169313562",
                "112586925865385660026329745801189368524",
                "50290202980753493502433732874263041679",
                "231688859626747322987381727407372596853"
            ]
        },
        "signature_type": "Line"
    },
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d3e599c090fc6977331150c5f0a69ab8ce87da21",
        "target": {
            "file": "drivers/net/ethernet/broadcom/bnxt/bnxt_ethtool.c"
        },
        "deprecated": false,
        "signature_version": "v1",
        "id": "CVE-2023-53010-adef801d",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "334914412346431181848682368187435934296",
                "317437574322475850644205442134239886177",
                "280472099319748151401513721222122997221",
                "27414389446163973016737533811374752785",
                "289012364709222072472332293644145911813",
                "265140097305597920509582644592537587957",
                "305023297703570035140528898179365886953",
                "81512891792651083619460709355064896329",
                "85756236807329096050564067791771800503",
                "318194144189645941233024112499286723092",
                "334817036471608908278827096692838925686",
                "207577315302258243540129376609615399599",
                "116188221789457074028531800515918687041",
                "115652687507013439587899366179827319190",
                "117968964598425858118722406122681952778"
            ]
        },
        "signature_type": "Line"
    },
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@cefa85480ac99c0bef5a09daadb48d65fc28e279",
        "target": {
            "file": "drivers/net/ethernet/broadcom/bnxt/bnxt_ethtool.c"
        },
        "deprecated": false,
        "signature_version": "v1",
        "id": "CVE-2023-53010-dafb1e2f",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "334914412346431181848682368187435934296",
                "317437574322475850644205442134239886177",
                "280472099319748151401513721222122997221",
                "27414389446163973016737533811374752785",
                "289012364709222072472332293644145911813",
                "265140097305597920509582644592537587957",
                "305023297703570035140528898179365886953",
                "81512891792651083619460709355064896329",
                "85756236807329096050564067791771800503",
                "318194144189645941233024112499286723092",
                "334817036471608908278827096692838925686",
                "207577315302258243540129376609615399599",
                "116188221789457074028531800515918687041",
                "115652687507013439587899366179827319190",
                "117968964598425858118722406122681952778"
            ]
        },
        "signature_type": "Line"
    }
]

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
4.12.0
Fixed
6.1.9