CVE-2023-53010 Affecting kernel-64k-debug-modules-internal package, versions *


Severity

Recommended
0.0
medium
0
10

Based on CentOS security rating.

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications
  • Snyk IDSNYK-CENTOS9-KERNEL64KDEBUGMODULESINTERNAL-9578775
  • published1 Apr 2025
  • disclosed27 Mar 2025

Introduced: 27 Mar 2025

NewCVE-2023-53010  (opens in a new tab)

How to fix?

There is no fixed version for Centos:9 kernel-64k-debug-modules-internal.

NVD Description

Note: Versions mentioned in the description apply only to the upstream kernel-64k-debug-modules-internal package and not the kernel-64k-debug-modules-internal package as distributed by Centos. See How to fix? for Centos:9 relevant fixed versions and status.

In the Linux kernel, the following vulnerability has been resolved:

bnxt: Do not read past the end of test names

Test names were being concatenated based on a offset beyond the end of the first name, which tripped the buffer overflow detection logic:

detected buffer overflow in strnlen [...] Call Trace: bnxt_ethtool_init.cold+0x18/0x18

Refactor struct hwrm_selftest_qlist_output to use an actual array, and adjust the concatenation to use snprintf() rather than a series of strncat() calls.

CVSS Base Scores

version 3.1