{ "dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": { "cveId": "CVE-2023-53066", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-05-02T15:51:43.548Z", "datePublished": "2025-05-02T15:55:19.730Z", "dateUpdated": "2026-05-11T19:37:53.392Z" }, "containers": { "cna": { "providerMetadata": { "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-05-11T19:37:53.392Z" }, "descriptions": [ { "lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nqed/qed_sriov: guard against NULL derefs from qed_iov_get_vf_info\n\nWe have to make sure that the info returned by the helper is valid\nbefore using it.\n\nFound by Linux Verification Center (linuxtesting.org) with the SVACE\nstatic analysis tool." } ], "affected": [ { "product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": [ "drivers/net/ethernet/qlogic/qed/qed_sriov.c" ], "versions": [ { "version": "733def6a04bf3d2810dd675e1240f8df94d633c3", "lessThan": "7bd0037822fd04da13721f77a42ee5a077d4c5fb", "status": "affected", "versionType": "git" }, { "version": "733def6a04bf3d2810dd675e1240f8df94d633c3", "lessThan": "7742c08e012eb65405e8304d100641638c5ff882", "status": "affected", "versionType": "git" }, { "version": "733def6a04bf3d2810dd675e1240f8df94d633c3", "lessThan": "42d72c6d1edc9dc09a5d6f6695d257fa9e9cc270", "status": "affected", "versionType": "git" }, { "version": "733def6a04bf3d2810dd675e1240f8df94d633c3", "lessThan": "39c3b9dd481c3afce9439b29bafe00444cb4406b", "status": "affected", "versionType": "git" }, { "version": "733def6a04bf3d2810dd675e1240f8df94d633c3", "lessThan": "e42d3bde4ec03c863259878dddaef5c351cca7ad", "status": "affected", "versionType": "git" }, { "version": "733def6a04bf3d2810dd675e1240f8df94d633c3", "lessThan": "97ea704f39b5ded96f071e98701aa543f6f89683", "status": "affected", "versionType": "git" }, { "version": "733def6a04bf3d2810dd675e1240f8df94d633c3", "lessThan": "b224b0cab3a66e93d414825065a2e667a1d28c32", "status": "affected", "versionType": "git" }, { "version": "733def6a04bf3d2810dd675e1240f8df94d633c3", "lessThan": "25143b6a01d0cc5319edd3de22ffa2578b045550", "status": "affected", "versionType": "git" } ] }, { "product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": [ "drivers/net/ethernet/qlogic/qed/qed_sriov.c" ], "versions": [ { "version": "4.7", "status": "affected" }, { "version": "0", "lessThan": "4.7", "status": "unaffected", "versionType": "semver" }, { "version": "4.14.312", "lessThanOrEqual": "4.14.*", "status": "unaffected", "versionType": "semver" }, { "version": "4.19.280", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "semver" }, { "version": "5.4.240", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver" }, { "version": "5.10.177", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver" }, { "version": "5.15.105", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver" }, { "version": "6.1.22", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver" }, { "version": "6.2.9", "lessThanOrEqual": "6.2.*", "status": "unaffected", "versionType": "semver" }, { "version": "6.3", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix" } ] } ], "cpeApplicability": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.7", "versionEndExcluding": "4.14.312" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.7", "versionEndExcluding": "4.19.280" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.7", "versionEndExcluding": "5.4.240" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.7", "versionEndExcluding": "5.10.177" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.7", "versionEndExcluding": "5.15.105" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.7", "versionEndExcluding": "6.1.22" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.7", "versionEndExcluding": "6.2.9" }, { "vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.7", "versionEndExcluding": "6.3" } ] } ] } ], "references": [ { "url": "https://git.kernel.org/stable/c/7bd0037822fd04da13721f77a42ee5a077d4c5fb" }, { "url": "https://git.kernel.org/stable/c/7742c08e012eb65405e8304d100641638c5ff882" }, { "url": "https://git.kernel.org/stable/c/42d72c6d1edc9dc09a5d6f6695d257fa9e9cc270" }, { "url": "https://git.kernel.org/stable/c/39c3b9dd481c3afce9439b29bafe00444cb4406b" }, { "url": "https://git.kernel.org/stable/c/e42d3bde4ec03c863259878dddaef5c351cca7ad" }, { "url": "https://git.kernel.org/stable/c/97ea704f39b5ded96f071e98701aa543f6f89683" }, { "url": "https://git.kernel.org/stable/c/b224b0cab3a66e93d414825065a2e667a1d28c32" }, { "url": "https://git.kernel.org/stable/c/25143b6a01d0cc5319edd3de22ffa2578b045550" } ], "title": "qed/qed_sriov: guard against NULL derefs from qed_iov_get_vf_info", "x_generator": { "engine": "bippy-1.2.0" } } } }