CVE-2023-53201

low-risk

Published 2025-09-15

In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxt_re: wraparound mbox producer index Driver is not handling the wraparound of the mbox producer index correctly. Currently the wraparound happens once u32 max is reached. Bit 31 of the producer index register is special and should be set only once for the first command. Because the producer index overflow setting bit31 after a long time, FW goes to initialization sequence and this causes FW hang. Fix is to wraparound the mbox producer index once it reaches u16 max.

Do I need to act?

0.02% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 5.5/10 Medium

LOCAL / LOW complexity

Affected Products (1)

Linux Kernel

Affected Vendors

Linux

References (6)

Patch https://git.kernel.org/stable/c/0af91306e17ef3d18e5f100aa58aa787869118af

Patch https://git.kernel.org/stable/c/50d77c3739b2b15e9e1f1c9cbe50037d294800f8

Patch https://git.kernel.org/stable/c/79226176cdd1b65a1e6a90e0e1a2b490f0a9df33

Patch https://git.kernel.org/stable/c/7bfa0303fbc265c94cfbd17505c55b99848aa4e3

Patch https://git.kernel.org/stable/c/9341501e2f7af29f5b5562c2840a7fde40eb7de4

Patch https://git.kernel.org/stable/c/c9be352be9bb15e6b83e40abc4df7f4776b435ba

/ 100

low-risk

Severity 18/34 · Moderate

Exploitability 0/34 · Minimal

Exposure 5/34 · Minimal