Buffer Overflow Vulnerability in Linux Kernel's mpi3mr Driver
CVE-2023-53376

7.1HIGH

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
18 September 2025

What is CVE-2023-53376?

The mpi3mr driver in the Linux kernel has a vulnerability where the sizes of bitmaps are incorrectly calculated in bytes rather than in bits. This discrepancy can lead to memory access beyond the allocated bitmap sizes, resulting in out-of-bounds memory access errors. Specifically, during firmware download to eHBA-9600, a 'BUG: KASAN: slab-out-of-bounds' issue was triggered in the find_first_zero_bit() function. The resolution involves using the correct number of bits for bitmap management and utilizing appropriate bitmap helper functions for memory allocation and deallocation. Adjustments to the data structure have also been made to accommodate these changes, enhancing overall memory safety.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 824a156633dfdb0e17979a0d0bb2c757d1bb949c < 6a675a6d57d31da43d8da576465c1cd5d5b0bd3d

Linux 824a156633dfdb0e17979a0d0bb2c757d1bb949c < 8ac713d2e9845e9234bb12ae5903040685d5aff9

Linux 824a156633dfdb0e17979a0d0bb2c757d1bb949c < 339e61565f81a6534afdc18fd854b2e2628bf5db

References

https://git.kernel.org/stable/c/6a675a6d57d31da43d8da5764...
https://git.kernel.org/stable/c/8ac713d2e9845e9234bb12ae5...
https://git.kernel.org/stable/c/339e61565f81a6534afdc18fd...

CVSS V3.1

Score:
7.1
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.