VYPR
← All advisories
Unrated severityNVD Advisory· Published Dec 24, 2025· Updated Apr 15, 2026

CVE-2023-54129

CVE-2023-54129

Description

In the Linux kernel, the following vulnerability has been resolved:

octeontx2-af: Add validation for lmac type

Upon physical link change, firmware reports to the kernel about the change along with the details like speed, lmac_type_id, etc. Kernel derives lmac_type based on lmac_type_id received from firmware.

In a few scenarios, firmware returns an invalid lmac_type_id, which is resulting in below kernel panic. This patch adds the missing validation of the lmac_type_id field.

Internal error: Oops: 96000005 [#1] PREEMPT SMP [ 35.321595] Modules linked in: [ 35.328982] CPU: 0 PID: 31 Comm: kworker/0:1 Not tainted 5.4.210-g2e3169d8e1bc-dirty #17 [ 35.337014] Hardware name: Marvell CN103XX board (DT) [ 35.344297] Workqueue: events work_for_cpu_fn [ 35.352730] pstate: 40400089 (nZcv daIf +PAN -UAO) [ 35.360267] pc : strncpy+0x10/0x30 [ 35.366595] lr : cgx_link_change_handler+0x90/0x180

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

A missing validation in Linux kernel's octeontx2-af driver can trigger a kernel panic when firmware sends an invalid lmac_type_id.

Vulnerability

The Linux kernel's octeontx2-af driver lacks validation of the lmac_type_id field received from firmware during physical link change notifications. When an invalid lmac_type_id is provided, the kernel derives an incorrect lmac_type, leading to a crash in strncpy and resulting in a kernel panic (Oops). [1]

Exploitation

An attacker with the ability to influence firmware responses or trigger a physical link change (e.g., through local access to a Marvell CN103XX board) can cause the firmware to send a malformed lmac_type_id. The panic occurs in a workqueue context (work_for_cpu_fn), requiring no authentication beyond local access to the affected hardware. [1][2]

Impact

The vulnerability results in a denial of service (system crash). No privilege escalation is described; the primary impact is availability loss.

Mitigation

The fix adds validation of the lmac_type_id field before it is used. The patch has been backported to stable kernel versions as seen in the referenced commits [1][2]. Users should update their kernels to include the fix.

References
  1. Making sure you're not a bot!
  2. Making sure you're not a bot!

AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

1

Patches

4
afd7660c766c
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.gitvia osv
commit
5c0268b141ad
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.gitvia osv
commit
cb5edce27176
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.gitvia osv
commit
83a7f27c5b94
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.gitvia osv
commit

Vulnerability mechanics

Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

4

News mentions

0

No linked articles in our index yet.