Linux · Linux Kernel · CVE-2023-52780
**Name of the Vulnerable Software and Affected Versions**
Linux kernel (affected versions not specified)
**Description**
The vulnerability is related to the `page pool get stats` function in the `mvneta` driver. Calling this function without checks can lead to kernel crashes. The page pool is only available if the `bm` is not used, and it is not allocated when the port is stopped or in case of errors. This can cause a kernel NULL pointer dereference at virtual address 00000070, resulting in a crash. The issue is triggered when calling `ethstats` on a port that is down or at the wrong moment.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.