{"uuid": "c9b9d8d1-9625-4dcf-a5cb-3a5720d11d01", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-53134", "type": "seen", "source": "https://t.me/cvedetector/24356", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2023-53134 - \"Broadcom bnxt_en Linux kernel Memory Allocation Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2023-53134 \nPublished : May 2, 2025, 4:15 p.m. | 1\u00a0hour, 4\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nbnxt_en: Avoid order-5 memory allocation for TPA data  \n  \nThe driver needs to keep track of all the possible concurrent TPA (GRO/LRO)  \ncompletions on the aggregation ring.  On P5 chips, the maximum number  \nof concurrent TPA is 256 and the amount of memory we allocate is order-5  \non systems using 4K pages.  Memory allocation failure has been reported:  \n  \nNetworkManager: page allocation failure: order:5, mode:0x40dc0(GFP_KERNEL|__GFP_COMP|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1  \nCPU: 15 PID: 2995 Comm: NetworkManager Kdump: loaded Not tainted 5.10.156 #1  \nHardware name: Dell Inc. PowerEdge R660/0M1CC5, BIOS 0.2.25 08/12/2022  \nCall Trace:  \n dump_stack+0x57/0x6e  \n warn_alloc.cold.120+0x7b/0xdd  \n ? _cond_resched+0x15/0x30  \n ? __alloc_pages_direct_compact+0x15f/0x170  \n __alloc_pages_slowpath.constprop.108+0xc58/0xc70  \n __alloc_pages_nodemask+0x2d0/0x300  \n kmalloc_order+0x24/0xe0  \n kmalloc_order_trace+0x19/0x80  \n bnxt_alloc_mem+0x1150/0x15c0 [bnxt_en]  \n ? bnxt_get_func_stat_ctxs+0x13/0x60 [bnxt_en]  \n __bnxt_open_nic+0x12e/0x780 [bnxt_en]  \n bnxt_open+0x10b/0x240 [bnxt_en]  \n __dev_open+0xe9/0x180  \n __dev_change_flags+0x1af/0x220  \n dev_change_flags+0x21/0x60  \n do_setlink+0x35c/0x1100  \n  \nInstead of allocating this big chunk of memory and dividing it up for the  \nconcurrent TPA instances, allocate each small chunk separately for each  \nTPA instance.  This will reduce it to order-0 allocations. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"02 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-02T20:07:41.000000Z"}