CVE-2023-53058

In the Linux kernel, the following vulnerability has been resolved:

net/mlx5: E-Switch, Fix an Oops in error handling code

The error handling dereferences "vport".  There is nothing we can do if
it is an error pointer except returning the error code.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
LinuxCNA
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 7%
VendorProductVersion
linuxlinux_kernel
5.8 ≤
𝑥
< 5.10.177
linuxlinux_kernel
5.11 ≤
𝑥
< 5.15.105
linuxlinux_kernel
5.16 ≤
𝑥
< 6.1.22
linuxlinux_kernel
6.2 ≤
𝑥
< 6.2.9
linuxlinux_kernel
6.3:rc1
linuxlinux_kernel
6.3:rc2
linuxlinux_kernel
6.3:rc3
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
linux
bullseye
5.10.223-1
fixed
bullseye (security)
5.10.234-1
fixed
bookworm
6.1.129-1
fixed
bookworm (security)
6.1.135-1
fixed
trixie
6.12.22-1
fixed
sid
6.12.25-1
fixed
Common Weakness Enumeration
References
https://git.kernel.org/stable/c/1a9853a7437a22fd849347008fb3c85087906b56
https://git.kernel.org/stable/c/388188fb58bef9e7f3ca4f8970f03d493b66909f
https://git.kernel.org/stable/c/5eadc80328298ef7beaaf0cd96791667d3b485ca
https://git.kernel.org/stable/c/640fcdbcf27fc62de9223f958ceb4e897a00e791
https://git.kernel.org/stable/c/c4c977935b2fc60084b3735737d17a06e7ba1bd0