CVE-2023-53638
- Source
- https://cve.org/CVERecord?id=CVE-2023-53638
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-53638.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2023-53638
- Downstream
- Related
- Published
- 2025-10-07T15:19:38.989Z
- Modified
- 2026-02-21T08:51:57.137632Z
- Summary
- octeon_ep: cancel queued works in probe error path
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
octeon_ep: cancel queued works in probe error path
If it fails to get the devices's MAC address, octepprobe exits while leaving the delayed work intrpoll_task queued. When the work later runs, it's a use after free.
Move the cancelation of intrpolltask from octepremove into octepdevicecleanup. This does not change anything in the octepremove flow, but octepdevicecleanup is called also in the octep_probe error path, where the cancelation is needed.
Note that the cancelation of ctrlmboxtask has to follow intrpolltask's, because the ctrlmboxtask may be queued by intrpolltask.
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53638.json" }- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/62312e2f6466b5f0a120542a38b410d88a34ed00
- https://git.kernel.org/stable/c/758c91078165ae641b698750a72eafe7968b3756
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53638.json
- https://nvd.nist.gov/vuln/detail/CVE-2023-53638
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced24d4333233b378114106a1327d3d635a004f4387Fixed62312e2f6466b5f0a120542a38b410d88a34ed00Fixed758c91078165ae641b698750a72eafe7968b3756
Affected versions
v6.*
v6.3
v6.3-rc4
v6.3-rc5
v6.3-rc6
v6.3-rc7
v6.4
v6.4-rc1
v6.4-rc2
v6.4-rc3
v6.4-rc4
v6.4-rc5
v6.4-rc6
v6.4-rc7
v6.4.1
v6.4.10
v6.4.11
v6.4.2
v6.4.3
v6.4.4
v6.4.5
v6.4.6
v6.4.7
v6.4.8
v6.4.9
v6.5-rc1
v6.5-rc2
v6.5-rc3
v6.5-rc4
v6.5-rc5
Database specific
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-53638.json"
vanir_signatures
[
{
"id": "CVE-2023-53638-2ad8d7ba",
"target": {
"function": "octep_device_cleanup",
"file": "drivers/net/ethernet/marvell/octeon_ep/octep_main.c"
},
"signature_version": "v1",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@758c91078165ae641b698750a72eafe7968b3756",
"digest": {
"function_hash": "189511127945114164156068729729810441348",
"length": 536.0
},
"signature_type": "Function"
},
{
"id": "CVE-2023-53638-2b9ab3ee",
"target": {
"function": "octep_remove",
"file": "drivers/net/ethernet/marvell/octeon_ep/octep_main.c"
},
"signature_version": "v1",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@62312e2f6466b5f0a120542a38b410d88a34ed00",
"digest": {
"function_hash": "134681437268123973459649807641752446470",
"length": 430.0
},
"signature_type": "Function"
},
{
"id": "CVE-2023-53638-5c7c92d2",
"target": {
"function": "octep_device_cleanup",
"file": "drivers/net/ethernet/marvell/octeon_ep/octep_main.c"
},
"signature_version": "v1",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@62312e2f6466b5f0a120542a38b410d88a34ed00",
"digest": {
"function_hash": "189511127945114164156068729729810441348",
"length": 536.0
},
"signature_type": "Function"
},
{
"id": "CVE-2023-53638-6ecd8d0d",
"target": {
"file": "drivers/net/ethernet/marvell/octeon_ep/octep_main.c"
},
"signature_version": "v1",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@62312e2f6466b5f0a120542a38b410d88a34ed00",
"digest": {
"threshold": 0.9,
"line_hashes": [
"262479693601471945715598758310084578069",
"283605750290174285179904489144880509561",
"255812744903036956559552615232627674699",
"333310048120315425268193198599440018041",
"29498516882407137598722210844444360627",
"339465072765025445277774699108038578156",
"207988070418592622783220166204807489027",
"3118336549738975285127983830254049394",
"177216691250357174789533723390395221588"
]
},
"signature_type": "Line"
},
{
"id": "CVE-2023-53638-bc52131e",
"target": {
"file": "drivers/net/ethernet/marvell/octeon_ep/octep_main.c"
},
"signature_version": "v1",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@758c91078165ae641b698750a72eafe7968b3756",
"digest": {
"threshold": 0.9,
"line_hashes": [
"262479693601471945715598758310084578069",
"283605750290174285179904489144880509561",
"255812744903036956559552615232627674699",
"333310048120315425268193198599440018041",
"29498516882407137598722210844444360627",
"339465072765025445277774699108038578156",
"207988070418592622783220166204807489027",
"3118336549738975285127983830254049394",
"177216691250357174789533723390395221588"
]
},
"signature_type": "Line"
},
{
"id": "CVE-2023-53638-dc6ec343",
"target": {
"function": "octep_remove",
"file": "drivers/net/ethernet/marvell/octeon_ep/octep_main.c"
},
"signature_version": "v1",
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@758c91078165ae641b698750a72eafe7968b3756",
"digest": {
"function_hash": "134681437268123973459649807641752446470",
"length": 430.0
},
"signature_type": "Function"
}
]