DEBIAN-CVE-2023-53376
- Source
- https://security-tracker.debian.org/tracker/CVE-2023-53376
- Import Source
- https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2023-53376.json
- JSON Data
- https://api.osv.dev/v1/vulns/DEBIAN-CVE-2023-53376
- Upstream
- Published
- 2025-09-18T14:15:40Z
- Modified
- 2025-09-25T03:46:49.241178Z
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Use number of bits to manage bitmap sizes To allocate bitmaps, the mpi3mr driver calculates sizes of bitmaps using byte as unit. However, bitmap helper functions assume that bitmaps are allocated using unsigned long as unit. This gap causes memory access beyond the bitmap sizes and results in "BUG: KASAN: slab-out-of-bounds". The BUG was observed at firmware download to eHBA-9600. Call trace indicated that the out-of-bounds access happened in findfirstzerobit() called from mpi3mrsendeventack() for miroc->evtackcmdsbitmap. To fix the BUG, do not use bytes to manage bitmap sizes. Instead, use number of bits, and call bitmap helper functions which take number of bits as arguments. For memory allocation, call bitmapzalloc() instead of kzalloc() and krealloc(). For memory free, call bitmapfree() instead of kfree(). For zero clear, call bitmapclear() instead of memset(). Remove three fields for bitmap byte sizes in struct scmdpriv which are no longer required. Replace the field devhandlebitmapsz with devhandlebitmapbits to keep number of bits of removepend_bitmap across resize.
- References
Affected packages
Debian:12 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:13 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:14 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source