CVE-2023-52834

Advisory lineage Upstream: 0 Downstream: 19

Downstream

DEBIAN-CVE-2023-52834 RHSA-2024:5101 RHSA-2024:5102 RHSA-2024:9315 RHSA-2025:10701 SUSE-SU-2024:2008-1

Analyzed

Published: 21 May 2024, 15:31

Last modified:11 May 2026, 19:33

Vulnerability Summary

Overall Risk (default)

low

22/100

CVSS Score

5.5 MEDIUM

v3.1 (nvd)

EPSS Score

0.01% LOW

0% probability 0.00%

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

21 May 2024, 15:31

Published

Vulnerability first disclosed

11 May 2026, 19:33

Last Modified

Vulnerability information updated

Description

In the Linux kernel, the following vulnerability has been resolved: atl1c: Work around the DMA RX overflow issue This is based on alx driver commit 881d0327db37 ("net: alx: Work around the DMA RX overflow issue"). The alx and atl1c drivers had RX overflow error which was why a custom allocator was created to avoid certain addresses. The simpler workaround then created for alx driver, but not for atl1c due to lack of tester. Instead of using a custom allocator, check the allocated skb address and use skb_reserve() to move away from problematic 0x...fc0 address. Tested on AR8131 on Acer 4540.

CVSS Metrics

v3.1•MEDIUM•Score: 5.5CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS Trends

Current EPSS score: 0.01%• Percentile: 1%

Affected Systems

linux•linux
≥ 43250ddd75a35d1f7926d989a10fefd30c37eaa7, < c29a89b23f67ee592f4dee61f9d7efbf86d60315 | ≥ 43250ddd75a35d1f7926d989a10fefd30c37eaa7, < 57e44ff9c2c9747b2b1a53556810b0e5192655d6 | ≥ 43250ddd75a35d1f7926d989a10fefd30c37eaa7, < 54a6152da4993ec8e4b53dc3cf577f5a2c829afa | ≥ 43250ddd75a35d1f7926d989a10fefd30c37eaa7, < 32f08b7b430ee01ec47d730f961a3306c1c7b6fb | ≥ 43250ddd75a35d1f7926d989a10fefd30c37eaa7, < 86565682e9053e5deb128193ea9e88531bbae9cf | 2.6.29
linux•linux_kernel
< 5.15.140 | ≥ 5.16, < 6.1.64 | ≥ 6.2, < 6.5.13 | ≥ 6.6, < 6.6.3