CVE-2023-53657

EUVD-2025-31977
In the Linux kernel, the following vulnerability has been resolved:

ice: Don't tx before switchdev is fully configured

There is possibility that ice_eswitch_port_start_xmit might be
called while some resources are still not allocated which might
cause NULL pointer dereference. Fix this by checking if switchdev
configuration was finished.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 5%
Affected Products (NVD)
VendorProductVersion
linuxlinux_kernel
5.16 ≤
𝑥
< 6.1.55
linuxlinux_kernel
6.2 ≤
𝑥
< 6.5.5
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
linux
bookworm
6.1.148-1
fixed
bookworm (security)
6.1.153-1
fixed
bullseye
vulnerable
bullseye (security)
vulnerable
forky
6.16.9-1
fixed
sid
6.16.11-1
fixed
trixie
6.12.43-1
fixed
trixie (security)
6.12.48-1
fixed
Common Weakness Enumeration
References
https://git.kernel.org/stable/c/5760a72b3060150b587eff3e879648c7470efddd
https://git.kernel.org/stable/c/63ff5a94649837d980e3b9ef535c793ec8cb0ca7
https://git.kernel.org/stable/c/7aa529a69e92b9aff585e569d5003f7c15d8d60b