CVE-2023-53142

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A buffer overflow issue has been identified in the Linux kernel's ice driver during module EEPROM read operations. The ice get module eeprom() function is flawed, as it reads the EEPROM in blocks of size 8 but fails to protect against buffer overflow for the last block, which always contains zeros. This issue was uncovered by an ethtool upstream commit. The vulnerability can be triggered using the ethtool command with specific offset and length parameters, such as /usr/bin/ethtool -m enp65s0f0np0 offset 0x90 length 12.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.