CVE-2023-53661 - Vulnerability Details - OpenCVE

In the Linux kernel, the following vulnerability has been resolved: bnxt: avoid overflow in bnxt_get_nvram_directory() The value of an arithmetic expression is subject of possible overflow due to a failure to cast operands to a larger data type before performing arithmetic. Used macro for multiplication instead operator for avoiding overflow. Found by Security Code and Linux Verification Center (linuxtesting.org) with SVACE.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

No data.

No data.

No data.

No data.

References

Link	Providers
https://git.kernel.org/stable/c/17e0453a7523ad7a25bb47af941b150a6c66d7b6
https://git.kernel.org/stable/c/7c6dddc239abe660598c49ec95ea0ed6399a4b2a
https://git.kernel.org/stable/c/d5eaf2a6b077f32a477feb1e9e1c1f60605b460e
https://git.kernel.org/stable/c/efb1a257513438d43f4335f09b2f684e8167cad2

History

Tue, 07 Oct 2025 15:30:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: bnxt: avoid overflow in bnxt_get_nvram_directory() The value of an arithmetic expression is subject of possible overflow due to a failure to cast operands to a larger data type before performing arithmetic. Used macro for multiplication instead operator for avoiding overflow. Found by Security Code and Linux Verification Center (linuxtesting.org) with SVACE.
Title		bnxt: avoid overflow in bnxt_get_nvram_directory()
References		https://git.kernel.org/stable/c/17e0453a7523ad7a25bb47af941b150a6c66d7b6 https://git.kernel.org/stable/c/7c6dddc239abe660598c49ec95ea0ed6399a4b2a https://git.kernel.org/stable/c/d5eaf2a6b077f32a477feb1e9e1c1f60605b460e https://git.kernel.org/stable/c/efb1a257513438d43f4335f09b2f684e8167cad2

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-10-07T15:21:20.987Z

Updated: 2025-10-07T15:21:20.987Z

Reserved: 2025-10-07T15:16:59.662Z

Link: CVE-2023-53661

Vulnrichment

No data.

NVD

Status : Received

Published: 2025-10-07T16:15:49.810

Modified: 2025-10-07T16:15:49.810

Link: CVE-2023-53661

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-53661", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-10-07T15:16:59.662Z", "datePublished": "2025-10-07T15:21:20.987Z", "dateUpdated": "2025-10-07T15:21:20.987Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-10-07T15:21:20.987Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbnxt: avoid overflow in bnxt_get_nvram_directory()\n\nThe value of an arithmetic expression is subject\nof possible overflow due to a failure to cast operands to a larger data\ntype before performing arithmetic. Used macro for multiplication instead\noperator for avoiding overflow.\n\nFound by Security Code and Linux Verification\nCenter (linuxtesting.org) with SVACE."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/ethernet/broadcom/bnxt/bnxt_ethtool.c"], "versions": [{"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "d5eaf2a6b077f32a477feb1e9e1c1f60605b460e", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "efb1a257513438d43f4335f09b2f684e8167cad2", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "17e0453a7523ad7a25bb47af941b150a6c66d7b6", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "7c6dddc239abe660598c49ec95ea0ed6399a4b2a", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/ethernet/broadcom/bnxt/bnxt_ethtool.c"], "versions": [{"version": "5.15.113", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.30", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.3.4", "lessThanOrEqual": "6.3.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.4", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "5.15.113"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.1.30"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.3.4"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.4"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/d5eaf2a6b077f32a477feb1e9e1c1f60605b460e"}, {"url": "https://git.kernel.org/stable/c/efb1a257513438d43f4335f09b2f684e8167cad2"}, {"url": "https://git.kernel.org/stable/c/17e0453a7523ad7a25bb47af941b150a6c66d7b6"}, {"url": "https://git.kernel.org/stable/c/7c6dddc239abe660598c49ec95ea0ed6399a4b2a"}], "title": "bnxt: avoid overflow in bnxt_get_nvram_directory()", "x_generator": {"engine": "bippy-1.2.0"}}}}