Out-of-Bounds Shift Vulnerability in Amazon ENA Adapter
CVE-2023-53272

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
16 September 2025

What is CVE-2023-53272?

A vulnerability in the ENA (Elastic Network Adapter) within the Linux kernel can lead to out-of-bounds shifts, potentially causing unexpected resets and instability. This issue arises due to an improper handling of exponential backoff timing in the device driver, which may result in excessively large reset delays that trigger undefined behavior (UBSAN panics). Developers have capped the shift value to avoid future overflows, ensuring more robust handling of reset timing and preventing degradation of service in cloud environments.

Affected Version(s)

Linux 4bb7f4cf60e38a00965d22aa5979ab143193d41f < 1e760b2d18bf129b3da052c2946c02758e97d15e

Linux 4bb7f4cf60e38a00965d22aa5979ab143193d41f < 3e36cc94d6e60a27f27498adf1c71eeba769ab33

Linux 4bb7f4cf60e38a00965d22aa5979ab143193d41f < 90947ebf8794e3c229fb2e16e37f1bfea6877f14

References

https://git.kernel.org/stable/c/1e760b2d18bf129b3da052c29...
https://git.kernel.org/stable/c/3e36cc94d6e60a27f27498adf...
https://git.kernel.org/stable/c/90947ebf8794e3c229fb2e16e...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2023-53272 : Out-of-Bounds Shift Vulnerability in Amazon ENA Adapter