LiveActive security incident?Get immediate response
CVE Record

CVE-2023-54129: octeontx2-af: Add validation for lmac type

In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: Add validation for lmac type Upon physical link change, firmware reports to the kernel about the change along with the details like speed, lmac_type_id, etc. Kernel derives lmac_type based on lmac_type_id received from firmware. In a few scenarios, firmware returns an invalid lmac_type_id, which is resulting in below kernel panic. This patch adds the missing validation of the lmac_type_id field. Internal error: Oops: 96000005 [#1] PREEMPT SMP [ 35.321595] Modules linked in: [ 35.328982] CPU: 0 PID: 31 Comm: kworker/0:1 Not tainted 5.4.210-g2e3169d8e1bc-dirty #17 [ 35.337014] Hardware name: Marvell CN103XX board (DT) [ 35.344297] Workqueue: events work_for_cpu_fn [ 35.352730] pstate: 40400089 (nZcv daIf +PAN -UAO) [ 35.360267] pc : strncpy+0x10/0x30 [ 35.366595] lr : cgx_link_change_handler+0x90/0x180

UnknownCVSS not scoredNot KEV-listedUpdated
Glexia's TakeAutomated analysismoderate

Security readout for executives and security teams

Plain-English summary

This Linux kernel issue can crash affected systems when specific Marvell network hardware reports an invalid link-type value during a physical link change. The known impact is availability loss from a kernel panic, not data theft or privilege escalation based on the supplied sources.

Executive priority

Handle as a targeted availability risk for specialized Linux network platforms. It deserves timely patch planning where the hardware is present, but the supplied evidence does not support emergency internet-wide response.

Technical view

The octeontx2-af driver derived lmac_type from firmware-provided lmac_type_id without sufficient validation. In some firmware scenarios, an invalid lmac_type_id reached cgx_link_change_handler and triggered a kernel Oops in strncpy. Stable kernel commits add validation for the lmac_type_id field.

Likely exposure

Exposure appears limited to Linux systems using the octeontx2-af driver on Marvell OcteonTX2/CN103XX-class hardware where firmware can report invalid lmac_type_id values during physical link changes.

Exploitation context

The source bundle does not show active exploitation, public exploit activity, or CISA KEV listing. The described trigger is a firmware-reported invalid field during link change, so treat this primarily as a stability and availability risk.

Researcher notes

The evidence identifies a missing bounds or validity check in a hardware-specific kernel driver path. No CVSS, CWE, exploit status, or broad affected-product mapping is supplied, so exposure assessment should stay hardware- and kernel-version-specific.

Mitigation direction

  • Review vendor and Linux stable kernel guidance for applicable fixed builds.
  • Prioritize updates on Marvell OcteonTX2/CN103XX systems running affected kernels.
  • Coordinate kernel updates with appliance, firmware, or platform vendors.
  • Monitor affected hosts for kernel Oops or panic events after link changes.

Validation and detection

  • Inventory systems for Marvell OcteonTX2/CN103XX hardware and octeontx2-af usage.
  • Confirm running kernel versions against the cited affected and fixed stable references.
  • Check kernel logs for cgx_link_change_handler, strncpy, Oops, or panic messages.
  • Verify the deployed kernel includes lmac_type_id validation from the referenced commits.
Prepared
Confidence
medium
Sources
7

Generated from the cited source records. This long-tail analysis has not been individually reviewed by a named human.

Potential ATT&CK relevance

Conservative CVE-to-ATT&CK context

These mappings and lookup hints may be relevant to the vulnerability behavior, CWE, affected product, or exposure path. Glexia-inferred context is not an official MITRE, ATT&CK, CWE, or CVE Program mapping.

ATT&CK lookup starting points

Use these exact CWE pages and searches to review the Glexia ATT&CK library from this CVE's weakness and description context.

cve · low confidence lookup

CVE-2023-54129 mapping review

Open the CVE-to-ATT&CK bridge for reviewed, inferred, or future official mappings tied to this CVE.

Open ATT&CK lookup
Vulnerability profileCVE Program record
Severity
Unknown
CVSS
Not scored
Known Exploited
No
Published
Official CVE source material

CNA and ADP enrichment extracted from CVE v5

These fields come from the CVE record and ADP containers, not from Glexia's Take. They preserve time-varying source decisions such as CISA SSVC, KEV status, CVSS metrics, and provider references.

0CVSS vectors
3Timeline events
0ADP providers
6Source links

Vulnerability timeline

Timeline events are normalized from CVE metadata, CNA source timelines, ADP timelines, and KEV metadata when present.

  1. CVE reservedCVE Program

    The CVE ID was reserved by the assigning CNA.

  2. CVE publishedCVE Program

    The CVE record was published.

  3. CVE updatedCVE Program

    The CVE record metadata indicates this as the latest update time.

Affected products

Products and packages named in the record

VendorProductVersion / packageStatus
LinuxLinux61071a871ea6eb2125ece91c1a0dbb124a318c8a, 61071a871ea6eb2125ece91c1a0dbb124a318c8a, 61071a871ea6eb2125ece91c1a0dbb124a318c8a, 61071a871ea6eb2125ece91c1a0dbb124a318c8a, 61071a871ea6eb2125ece91c1a0dbb124a318c8aunaffected
LinuxLinux4.20, 0, 5.10.259, 6.1.32, 6.2.16, 6.3.3, 6.4affected
Weakness

CWE details

No CWE listed

CWE links open Glexia weakness intelligence pages with official CWE context, developer remediation guidance, and related CVE mappings.