Описание
In the Linux kernel, the following vulnerability has been resolved:
RDMA/bnxt_re: wraparound mbox producer index
Driver is not handling the wraparound of the mbox producer index correctly. Currently the wraparound happens once u32 max is reached.
Bit 31 of the producer index register is special and should be set only once for the first command. Because the producer index overflow setting bit31 after a long time, FW goes to initialization sequence and this causes FW hang.
Fix is to wraparound the mbox producer index once it reaches u16 max.
In the Linux kernel, the following vulnerability has been resolved:
RDMA/bnxt_re: wraparound mbox producer index
Driver is not handling the wraparound of the mbox producer index correctly. Currently the wraparound happens once u32 max is reached.
Bit 31 of the producer index register is special and should be set only once for the first command. Because the producer index overflow setting bit31 after a long time, FW goes to initialization sequence and this causes FW hang.
Fix is to wraparound the mbox producer index once it reaches u16 max.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2023-53201
- https://git.kernel.org/stable/c/0af91306e17ef3d18e5f100aa58aa787869118af
- https://git.kernel.org/stable/c/50d77c3739b2b15e9e1f1c9cbe50037d294800f8
- https://git.kernel.org/stable/c/79226176cdd1b65a1e6a90e0e1a2b490f0a9df33
- https://git.kernel.org/stable/c/7bfa0303fbc265c94cfbd17505c55b99848aa4e3
- https://git.kernel.org/stable/c/9341501e2f7af29f5b5562c2840a7fde40eb7de4
- https://git.kernel.org/stable/c/c9be352be9bb15e6b83e40abc4df7f4776b435ba
Связанные уязвимости
In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxt_re: wraparound mbox producer index Driver is not handling the wraparound of the mbox producer index correctly. Currently the wraparound happens once u32 max is reached. Bit 31 of the producer index register is special and should be set only once for the first command. Because the producer index overflow setting bit31 after a long time, FW goes to initialization sequence and this causes FW hang. Fix is to wraparound the mbox producer index once it reaches u16 max.
In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxt_re: wraparound mbox producer index Driver is not handling the wraparound of the mbox producer index correctly. Currently the wraparound happens once u32 max is reached. Bit 31 of the producer index register is special and should be set only once for the first command. Because the producer index overflow setting bit31 after a long time, FW goes to initialization sequence and this causes FW hang. Fix is to wraparound the mbox producer index once it reaches u16 max.
In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxt_re: wraparound mbox producer index Driver is not handling the wraparound of the mbox producer index correctly. Currently the wraparound happens once u32 max is reached. Bit 31 of the producer index register is special and should be set only once for the first command. Because the producer index overflow setting bit31 after a long time, FW goes to initialization sequence and this causes FW hang. Fix is to wraparound the mbox producer index once it reaches u16 max.
In the Linux kernel, the following vulnerability has been resolved: R ...
