In the Linux kernel, the following vulnerability has been resolved:
bnxt: Do not read past the end of test names
Test names were being concatenated based on an offset beyond the end of the first name, which tripped the kernel's fortified-string (FORTIFY_SOURCE) buffer overflow detection logic:
detected buffer overflow in strnlen [...] Call Trace: bnxt_ethtool_init.cold+0x18/0x18
Refactor struct hwrm_selftest_qlist_output to use an actual array, and adjust the concatenation to use snprintf() rather than a series of strncat() calls.
[
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d3e599c090fc6977331150c5f0a69ab8ce87da21",
"target": {
"function": "bnxt_ethtool_init",
"file": "drivers/net/ethernet/broadcom/bnxt/bnxt_ethtool.c"
},
"deprecated": false,
"signature_version": "v1",
"id": "CVE-2023-53010-17866b9f",
"digest": {
"length": 1757.0,
"function_hash": "245870376068265566269430896792709010440"
},
"signature_type": "Function"
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d3e599c090fc6977331150c5f0a69ab8ce87da21",
"target": {
"file": "drivers/net/ethernet/broadcom/bnxt/bnxt_hsi.h"
},
"deprecated": false,
"signature_version": "v1",
"id": "CVE-2023-53010-89fafae8",
"digest": {
"threshold": 0.9,
"line_hashes": [
"332212164659559967807882152192246458363",
"22735894689887782609466709868249349265",
"29580688817519182100927616242170472861",
"308335620814138028144624931019234158454",
"105524719314296886452418425347591164146",
"182338220662860635212210457723428814353",
"250153724071169549261850509964676120328",
"209388211276643782569412754173169313562",
"112586925865385660026329745801189368524",
"50290202980753493502433732874263041679",
"231688859626747322987381727407372596853"
]
},
"signature_type": "Line"
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@cefa85480ac99c0bef5a09daadb48d65fc28e279",
"target": {
"function": "bnxt_ethtool_init",
"file": "drivers/net/ethernet/broadcom/bnxt/bnxt_ethtool.c"
},
"deprecated": false,
"signature_version": "v1",
"id": "CVE-2023-53010-a51f7520",
"digest": {
"length": 1757.0,
"function_hash": "245870376068265566269430896792709010440"
},
"signature_type": "Function"
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@cefa85480ac99c0bef5a09daadb48d65fc28e279",
"target": {
"file": "drivers/net/ethernet/broadcom/bnxt/bnxt_hsi.h"
},
"deprecated": false,
"signature_version": "v1",
"id": "CVE-2023-53010-a6af73ea",
"digest": {
"threshold": 0.9,
"line_hashes": [
"332212164659559967807882152192246458363",
"22735894689887782609466709868249349265",
"29580688817519182100927616242170472861",
"308335620814138028144624931019234158454",
"105524719314296886452418425347591164146",
"182338220662860635212210457723428814353",
"250153724071169549261850509964676120328",
"209388211276643782569412754173169313562",
"112586925865385660026329745801189368524",
"50290202980753493502433732874263041679",
"231688859626747322987381727407372596853"
]
},
"signature_type": "Line"
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d3e599c090fc6977331150c5f0a69ab8ce87da21",
"target": {
"file": "drivers/net/ethernet/broadcom/bnxt/bnxt_ethtool.c"
},
"deprecated": false,
"signature_version": "v1",
"id": "CVE-2023-53010-adef801d",
"digest": {
"threshold": 0.9,
"line_hashes": [
"334914412346431181848682368187435934296",
"317437574322475850644205442134239886177",
"280472099319748151401513721222122997221",
"27414389446163973016737533811374752785",
"289012364709222072472332293644145911813",
"265140097305597920509582644592537587957",
"305023297703570035140528898179365886953",
"81512891792651083619460709355064896329",
"85756236807329096050564067791771800503",
"318194144189645941233024112499286723092",
"334817036471608908278827096692838925686",
"207577315302258243540129376609615399599",
"116188221789457074028531800515918687041",
"115652687507013439587899366179827319190",
"117968964598425858118722406122681952778"
]
},
"signature_type": "Line"
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@cefa85480ac99c0bef5a09daadb48d65fc28e279",
"target": {
"file": "drivers/net/ethernet/broadcom/bnxt/bnxt_ethtool.c"
},
"deprecated": false,
"signature_version": "v1",
"id": "CVE-2023-53010-dafb1e2f",
"digest": {
"threshold": 0.9,
"line_hashes": [
"334914412346431181848682368187435934296",
"317437574322475850644205442134239886177",
"280472099319748151401513721222122997221",
"27414389446163973016737533811374752785",
"289012364709222072472332293644145911813",
"265140097305597920509582644592537587957",
"305023297703570035140528898179365886953",
"81512891792651083619460709355064896329",
"85756236807329096050564067791771800503",
"318194144189645941233024112499286723092",
"334817036471608908278827096692838925686",
"207577315302258243540129376609615399599",
"116188221789457074028531800515918687041",
"115652687507013439587899366179827319190",
"117968964598425858118722406122681952778"
]
},
"signature_type": "Line"
}
]