CVE-2023-54240
Published Dec 30, 2025
Modified Apr 15, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtk_eth_soc: fix possible NULL pointer dereference in mtk_hwlro_get_fdir_all() rule_locs is allocated in ethtool_get_rxnfc and the size is determined by rule_cnt from user space. So rule_cnt needs to be check before using rule_locs to avoid NULL pointer dereference.
Is your site exposed to CVE-2023-54240?
Run a free security scan — no signup, results in seconds.
References
Other References
https://git.kernel.org/stable/c/072324cfab9b96071c0782f51f53cc5aea1e9d5b
https://git.kernel.org/stable/c/653fbddbdfc6673bba01b13dae5a4384ad8f92ec
https://git.kernel.org/stable/c/751b2e22a188b0c306029d094da29b6b8de31430
https://git.kernel.org/stable/c/75f2de75c1182e80708c932418e4895dbc88b68f
https://git.kernel.org/stable/c/7776591e5ae2befff86579f68916a171971c6aab
https://git.kernel.org/stable/c/e4c79810755f66c9a933ca810da2724133b1165a
https://git.kernel.org/stable/c/fe0195fe48f85182bc7e7eabcad925bd3cbc10f5
https://git.kernel.org/stable/c/ff5faed5f5487b0fd2b640ba1304f82a5ebaab42
Frequently Asked Questions
What is CVE-2023-54240? +
In the Linux kernel, the following vulnerability has been resolved:
net: ethernet: mtk_eth_soc: fix possible NULL pointer dereference in mtk_hwlro_get_fdir_all()
rule_locs is allocated in ethtool_get_rxnfc and the size is determined by
rule_cnt from user space. So rule_cnt needs to be check before using
rule_locs to avoid NULL pointer dereference.
How do I check if I'm vulnerable to CVE-2023-54240? +
You can use Secably's free Website Scanner to check your website for known vulnerabilities. For infrastructure scanning, use the Port Scanner to identify exposed services that may be affected. Check the vendor advisories linked above for specific patch and version information.