In the Linux kernel, the following vulnerability has been resolved:
scsi: mpi3mr: Use number of bits to manage bitmap sizes
To allocate bitmaps, the mpi3mr driver calculates the sizes of bitmaps using bytes as the unit. However, the bitmap helper functions assume that bitmaps are allocated using unsigned long as the unit, so they access memory one unsigned long word at a time. When the byte-sized allocation is not a multiple of sizeof(unsigned long), the last word the helpers touch extends past the end of the allocation. This gap causes memory access beyond the bitmap sizes and results in "BUG: KASAN: slab-out-of-bounds". The BUG was observed at firmware download to eHBA-9600. The call trace indicated that the out-of-bounds access happened in find_first_zero_bit() called from mpi3mr_send_event_ack() for mrioc->evtack_cmds_bitmap.
To fix the BUG, do not use bytes to manage bitmap sizes. Instead, use the number of bits, and call the bitmap helper functions which take the number of bits as arguments. For memory allocation, call bitmap_zalloc() instead of kzalloc() and krealloc(). For freeing memory, call bitmap_free() instead of kfree(). For zero-clearing, call bitmap_clear() instead of memset().
Remove three fields for bitmap byte sizes in struct scmd_priv which are no longer required. Replace the field dev_handle_bitmap_sz with dev_handle_bitmap_bits to keep the number of bits of removepend_bitmap across resize.
[
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@8ac713d2e9845e9234bb12ae5903040685d5aff9",
"target": {
"function": "mpi3mr_alloc_reply_sense_bufs",
"file": "drivers/scsi/mpi3mr/mpi3mr_fw.c"
},
"deprecated": false,
"id": "CVE-2023-53376-312704f7",
"signature_version": "v1",
"signature_type": "Function",
"digest": {
"length": 4203.0,
"function_hash": "95453414560310031081377684298860006309"
}
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@8ac713d2e9845e9234bb12ae5903040685d5aff9",
"target": {
"function": "mpi3mr_soft_reset_handler",
"file": "drivers/scsi/mpi3mr/mpi3mr_fw.c"
},
"deprecated": false,
"id": "CVE-2023-53376-318a6576",
"signature_version": "v1",
"signature_type": "Function",
"digest": {
"length": 3891.0,
"function_hash": "335154163857350701159901624918785496802"
}
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@8ac713d2e9845e9234bb12ae5903040685d5aff9",
"target": {
"function": "mpi3mr_revalidate_factsdata",
"file": "drivers/scsi/mpi3mr/mpi3mr_fw.c"
},
"deprecated": false,
"id": "CVE-2023-53376-44c215ce",
"signature_version": "v1",
"signature_type": "Function",
"digest": {
"length": 1589.0,
"function_hash": "207487540629528036309623211029169747392"
}
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@8ac713d2e9845e9234bb12ae5903040685d5aff9",
"target": {
"file": "drivers/scsi/mpi3mr/mpi3mr.h"
},
"deprecated": false,
"id": "CVE-2023-53376-4807f63a",
"signature_version": "v1",
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"258044556838021806781415153167379493607",
"4237895527097898286864346520671200074",
"255474199603439788964021337209502683146",
"183570322286206495316589205651609715095",
"328831077880725740666496184624089815162",
"297846529798106684099606454443064322927",
"132000378798947346858374620860057815176",
"245626453082024098919354586200460272845",
"285503252545774343897192738463397020436",
"334723371172972789691253811809427384212",
"12550611385084213308663602287170923269",
"302380791118755093492255163052261573689",
"229126706472611894153714558995813617310",
"50795219093989371246358124913783299846",
"175398307815527364969777171997208649070",
"100498613256634093341554540106598362109"
]
}
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@8ac713d2e9845e9234bb12ae5903040685d5aff9",
"target": {
"function": "mpi3mr_alloc_chain_bufs",
"file": "drivers/scsi/mpi3mr/mpi3mr_fw.c"
},
"deprecated": false,
"id": "CVE-2023-53376-67e6ca9a",
"signature_version": "v1",
"signature_type": "Function",
"digest": {
"length": 1296.0,
"function_hash": "242121244061930468157335318793161778241"
}
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@339e61565f81a6534afdc18fd854b2e2628bf5db",
"target": {
"function": "mpi3mr_soft_reset_handler",
"file": "drivers/scsi/mpi3mr/mpi3mr_fw.c"
},
"deprecated": false,
"id": "CVE-2023-53376-74242010",
"signature_version": "v1",
"signature_type": "Function",
"digest": {
"length": 3891.0,
"function_hash": "335154163857350701159901624918785496802"
}
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@339e61565f81a6534afdc18fd854b2e2628bf5db",
"target": {
"function": "mpi3mr_alloc_chain_bufs",
"file": "drivers/scsi/mpi3mr/mpi3mr_fw.c"
},
"deprecated": false,
"id": "CVE-2023-53376-927e8ab1",
"signature_version": "v1",
"signature_type": "Function",
"digest": {
"length": 1296.0,
"function_hash": "242121244061930468157335318793161778241"
}
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@339e61565f81a6534afdc18fd854b2e2628bf5db",
"target": {
"function": "mpi3mr_alloc_reply_sense_bufs",
"file": "drivers/scsi/mpi3mr/mpi3mr_fw.c"
},
"deprecated": false,
"id": "CVE-2023-53376-b537e4c0",
"signature_version": "v1",
"signature_type": "Function",
"digest": {
"length": 4203.0,
"function_hash": "95453414560310031081377684298860006309"
}
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@8ac713d2e9845e9234bb12ae5903040685d5aff9",
"target": {
"function": "mpi3mr_memset_buffers",
"file": "drivers/scsi/mpi3mr/mpi3mr_fw.c"
},
"deprecated": false,
"id": "CVE-2023-53376-c227e2f2",
"signature_version": "v1",
"signature_type": "Function",
"digest": {
"length": 2602.0,
"function_hash": "72537515633232400575969674176826668269"
}
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@339e61565f81a6534afdc18fd854b2e2628bf5db",
"target": {
"function": "mpi3mr_revalidate_factsdata",
"file": "drivers/scsi/mpi3mr/mpi3mr_fw.c"
},
"deprecated": false,
"id": "CVE-2023-53376-cdcbfe9a",
"signature_version": "v1",
"signature_type": "Function",
"digest": {
"length": 1589.0,
"function_hash": "207487540629528036309623211029169747392"
}
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@339e61565f81a6534afdc18fd854b2e2628bf5db",
"target": {
"function": "mpi3mr_memset_buffers",
"file": "drivers/scsi/mpi3mr/mpi3mr_fw.c"
},
"deprecated": false,
"id": "CVE-2023-53376-dd6407b8",
"signature_version": "v1",
"signature_type": "Function",
"digest": {
"length": 2602.0,
"function_hash": "72537515633232400575969674176826668269"
}
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@8ac713d2e9845e9234bb12ae5903040685d5aff9",
"target": {
"file": "drivers/scsi/mpi3mr/mpi3mr_fw.c"
},
"deprecated": false,
"id": "CVE-2023-53376-e452dedd",
"signature_version": "v1",
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"197555524019407863751918488611996241404",
"332422807544379533563389899690845118315",
"288695546192983301246769495313140009498",
"254271588277107876975582164818561259611",
"156500870280217533311519345349290123725",
"29666647153943720326498919698931267003",
"136355956816610065775329560560681292035",
"116594047027895161707784020586587555336",
"229495380583702827967973818377176367141",
"258066881721782726662988455490176861116",
"293891584450164682651052011329930556065",
"88480091167904585800547151793235092200",
"134345169000155056069960187578180712961",
"332216862501912711894840995915550155197",
"305618590876889962787713271108301566530",
"320766931056180597433186253307300868635",
"278163118573329054437123153526378477318",
"182242123879087600102576258688318463599",
"6060964631459631372063396880750732213",
"2244962453562270314964429872217476436",
"6850714527039567294973164081401139618",
"7258930208818100911559906249762633191",
"6838050119803999888610463732321426529",
"156198490723425219049285277711573441368",
"296373307482610473840025220238658827161",
"163756106419426299678270766248397651974",
"90850064055688179875939745723551697884",
"136764838827125606040746186504234188318",
"322327523245511990899638946132486326164",
"103358151096003136007560564871263092574",
"19945592622592199367356368368426825228",
"129802162504673432593337177513344502483",
"124240184765007303427241239409835984766",
"28823918602159042934254629266685393777",
"252132806671591580694562599682974632661",
"212685245571257956103704254422513505675",
"282590817757543348799709576340689898506",
"291120440608984991217193196144812316284",
"194176863034834345058579970111724644105",
"96775747323716292569598339409584373356",
"122237824968120318601997984182548377164",
"316105649931242406164567024395821916232",
"282670980845648544075938821626440562320",
"13556663011587475812078919832629878043",
"227074677243996588672150417414242840006",
"169582069482732952503719673406276582474",
"145386465837508865564966809478230249595",
"248919500137654477959205195791326567029",
"220702993159528150347308000649222859866",
"290172324528755781828148149726311838233",
"208148918878629305491057479491099328383",
"206357175180627859211498638419964602242",
"318973831688670017980445442174202060906",
"317325944457828811785473473916187234337",
"124431399554071525400699067173624384758",
"38753369864656374697273937568107641255",
"204416197497694638551780404067874771994",
"9532025009865240277533410876596808271",
"92577406437708399769521205758463088995",
"37580120169904802392824714667050993514",
"222111698842801777449797165325001025593",
"182147604479180715092222078643534282051",
"84191997098992290393742647575216393051",
"295163982130757255553644088914063698265",
"7607692224505347901501403760578305425",
"287986402022562239832602664018367126855",
"23240827891917169705498927756640351072",
"191367245825399062815923781720065162590",
"274581543212677910023499995075273020820",
"284769041396478201130655445745839251294",
"18329350980159713995479012625060799055",
"188068949085273140158945643371126691080",
"112415934160504620485839103185134719518",
"72150086546365468650489142508058415119",
"117554820411143291263551645441366689885",
"234457417886781395136214857808763453705",
"13399772529895593660359389376937232517",
"194309986512776792427182109027212004599"
]
}
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@339e61565f81a6534afdc18fd854b2e2628bf5db",
"target": {
"file": "drivers/scsi/mpi3mr/mpi3mr.h"
},
"deprecated": false,
"id": "CVE-2023-53376-e472779a",
"signature_version": "v1",
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"258044556838021806781415153167379493607",
"4237895527097898286864346520671200074",
"255474199603439788964021337209502683146",
"183570322286206495316589205651609715095",
"328831077880725740666496184624089815162",
"297846529798106684099606454443064322927",
"132000378798947346858374620860057815176",
"245626453082024098919354586200460272845",
"285503252545774343897192738463397020436",
"334723371172972789691253811809427384212",
"12550611385084213308663602287170923269",
"302380791118755093492255163052261573689",
"229126706472611894153714558995813617310",
"50795219093989371246358124913783299846",
"175398307815527364969777171997208649070",
"100498613256634093341554540106598362109"
]
}
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@339e61565f81a6534afdc18fd854b2e2628bf5db",
"target": {
"file": "drivers/scsi/mpi3mr/mpi3mr_fw.c"
},
"deprecated": false,
"id": "CVE-2023-53376-fe3cfbfa",
"signature_version": "v1",
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"197555524019407863751918488611996241404",
"332422807544379533563389899690845118315",
"288695546192983301246769495313140009498",
"254271588277107876975582164818561259611",
"156500870280217533311519345349290123725",
"29666647153943720326498919698931267003",
"136355956816610065775329560560681292035",
"116594047027895161707784020586587555336",
"229495380583702827967973818377176367141",
"258066881721782726662988455490176861116",
"293891584450164682651052011329930556065",
"88480091167904585800547151793235092200",
"134345169000155056069960187578180712961",
"332216862501912711894840995915550155197",
"305618590876889962787713271108301566530",
"320766931056180597433186253307300868635",
"278163118573329054437123153526378477318",
"182242123879087600102576258688318463599",
"6060964631459631372063396880750732213",
"2244962453562270314964429872217476436",
"6850714527039567294973164081401139618",
"7258930208818100911559906249762633191",
"6838050119803999888610463732321426529",
"156198490723425219049285277711573441368",
"296373307482610473840025220238658827161",
"163756106419426299678270766248397651974",
"90850064055688179875939745723551697884",
"136764838827125606040746186504234188318",
"322327523245511990899638946132486326164",
"103358151096003136007560564871263092574",
"19945592622592199367356368368426825228",
"129802162504673432593337177513344502483",
"124240184765007303427241239409835984766",
"28823918602159042934254629266685393777",
"252132806671591580694562599682974632661",
"212685245571257956103704254422513505675",
"282590817757543348799709576340689898506",
"291120440608984991217193196144812316284",
"194176863034834345058579970111724644105",
"96775747323716292569598339409584373356",
"122237824968120318601997984182548377164",
"316105649931242406164567024395821916232",
"282670980845648544075938821626440562320",
"13556663011587475812078919832629878043",
"227074677243996588672150417414242840006",
"169582069482732952503719673406276582474",
"145386465837508865564966809478230249595",
"248919500137654477959205195791326567029",
"220702993159528150347308000649222859866",
"290172324528755781828148149726311838233",
"208148918878629305491057479491099328383",
"206357175180627859211498638419964602242",
"318973831688670017980445442174202060906",
"317325944457828811785473473916187234337",
"124431399554071525400699067173624384758",
"38753369864656374697273937568107641255",
"204416197497694638551780404067874771994",
"9532025009865240277533410876596808271",
"92577406437708399769521205758463088995",
"37580120169904802392824714667050993514",
"222111698842801777449797165325001025593",
"182147604479180715092222078643534282051",
"84191997098992290393742647575216393051",
"295163982130757255553644088914063698265",
"7607692224505347901501403760578305425",
"287986402022562239832602664018367126855",
"23240827891917169705498927756640351072",
"191367245825399062815923781720065162590",
"274581543212677910023499995075273020820",
"284769041396478201130655445745839251294",
"18329350980159713995479012625060799055",
"188068949085273140158945643371126691080",
"112415934160504620485839103185134719518",
"72150086546365468650489142508058415119",
"117554820411143291263551645441366689885",
"234457417886781395136214857808763453705",
"13399772529895593660359389376937232517",
"194309986512776792427182109027212004599"
]
}
}
]