5.5

CVE-2023-53539

EPSS 0.02%
Veröffentlicht 04.10.2025 15:16:49
Zuletzt bearbeitet 21.03.2026 00:25:38
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

RDMA/rxe: Fix incomplete state save in rxe_requester

If a send packet is dropped by the IP layer in rxe_requester()
the call to rxe_xmit_packet() can fail with err == -EAGAIN.
To recover, the state of the wqe is restored to the state before
the packet was sent so it can be resent. However, the routines
that save and restore the state miss a significnt part of the
variable state in the wqe, the dma struct which is used to process
through the sge table. And, the state is not saved before the packet
is built which modifies the dma struct.

Under heavy stress testing with many QPs on a fast node sending
large messages to a slow node dropped packets are observed and
the resent packets are corrupted because the dma struct was not
restored. This patch fixes this behavior and allows the test cases
to succeed.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 7

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version >= 4.8.1 < 6.1.53

Linux ≫ Linux Kernel Version >= 6.2 < 6.4.16

Linux ≫ Linux Kernel Version >= 6.5 < 6.5.3

Linux ≫ Linux Kernel Version4.8 Update-

Linux ≫ Linux Kernel Version4.8 Updaterc7

Linux ≫ Linux Kernel Version4.8 Updaterc8

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.02%	0.035

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/70518f3aaf5a059b691867d7d2d46b999319656a

Patch

https://git.kernel.org/stable/c/2f2a6422287fe29f9343247d77b645100ece0652

Patch

https://git.kernel.org/stable/c/255c0e60e1d16874fc151358d94bc8df661600dd

Patch

https://git.kernel.org/stable/c/5d122db2ff80cd2aed4dcd630befb56b51ddf947

Patch

https://nvd.nist.gov/vuln/detail/CVE-2023-53539

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-53539

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-53539

EUVD