CVE-2023-53720

EPSS 0.03%
Veröffentlicht 22.10.2025 13:23:52
Zuletzt bearbeitet 15.04.2026 00:35:42
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

net/mlx5e: Release the label when replacing existing ct entry

In the Linux kernel, the following vulnerability has been resolved:

net/mlx5e: Release the label when replacing existing ct entry

Cited commit doesn't release the label mapping when replacing existing ct
entry which leads to following memleak report:

unreferenced object 0xffff8881854cf280 (size 96):
  comm "kworker/u48:74", pid 23093, jiffies 4296664564 (age 175.944s)
  hex dump (first 32 bytes):
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<000000002722d368>] __kmalloc+0x4b/0x1c0
    [<00000000cc44e18f>] mapping_add+0x6e8/0xc90 [mlx5_core]
    [<000000003ad942a7>] mlx5_get_label_mapping+0x66/0xe0 [mlx5_core]
    [<00000000266308ac>] mlx5_tc_ct_entry_create_mod_hdr+0x1c4/0xf50 [mlx5_core]
    [<000000009a768b4f>] mlx5_tc_ct_entry_add_rule+0x16f/0xaf0 [mlx5_core]
    [<00000000a178f3e5>] mlx5_tc_ct_block_flow_offload_add+0x10cb/0x1f90 [mlx5_core]
    [<000000007b46c496>] mlx5_tc_ct_block_flow_offload+0x14a/0x630 [mlx5_core]
    [<00000000a9a18ac5>] nf_flow_offload_tuple+0x1a3/0x390 [nf_flow_table]
    [<00000000d0881951>] flow_offload_work_handler+0x257/0xd30 [nf_flow_table]
    [<000000009e4935a4>] process_one_work+0x7c2/0x13e0
    [<00000000f5cd36a7>] worker_thread+0x59d/0xec0
    [<00000000baed1daf>] kthread+0x28f/0x330
    [<0000000063d282a4>] ret_from_fork+0x1f/0x30

Fix the issue by correctly releasing the label mapping.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 5

CNA 2 VulnDex Vulnerability Enrichment 2

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version 94ceffb48eac7692677d8093dcde6965b70c4b35

Version < 3db903a71f1f4bbf30baae166a4a49f2e8aceb61

Status affected

Version 94ceffb48eac7692677d8093dcde6965b70c4b35

Version < 8ac04a28144cfa89b61be518268233742c23d88d

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 6.3

Status affected

Version 0

Version < 6.3

Status unaffected

Version <= 6.3.*

Version 6.3.2

Status unaffected

Version <= *

Version 6.4

Status unaffected

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.082

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/3db903a71f1f4bbf30baae166a4a49f2e8aceb61

https://git.kernel.org/stable/c/8ac04a28144cfa89b61be518268233742c23d88d

https://nvd.nist.gov/vuln/detail/CVE-2023-53720

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-53720

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-53720

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2023-53720