CVE-2023-54201

EPSS 0.03%
Veröffentlicht 30.12.2025 12:09:06
Zuletzt bearbeitet 15.04.2026 00:35:42
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

RDMA/efa: Fix wrong resources deallocation order

In the Linux kernel, the following vulnerability has been resolved:

RDMA/efa: Fix wrong resources deallocation order

When trying to destroy QP or CQ, we first decrease the refcount and
potentially free memory regions allocated for the object and then
request the device to destroy the object. If the device fails, the
object isn't fully destroyed so the user/IB core can try to destroy the
object again which will lead to underflow when trying to decrease an
already zeroed refcount.

Deallocate resources in reverse order of allocating them to safely free
them.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 7

CNA 2 VulnDex Vulnerability Enrichment 7

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version ff6629f88c529b07d9704c656c64dae76910e3e9

Version < cf38960386f3cc4abf395e556af915e4babcafd2

Status affected

Version ff6629f88c529b07d9704c656c64dae76910e3e9

Version < e79db2f51a564fd4daa3e508b987df5e81c34b20

Status affected

Version ff6629f88c529b07d9704c656c64dae76910e3e9

Version < 24f9884971f9b34915b67baacf7350a3f6f19ea4

Status affected

Version ff6629f88c529b07d9704c656c64dae76910e3e9

Version < dc202c57e9a1423aed528e4b8dc949509cd32191

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 5.7

Status affected

Version 0

Version < 5.7

Status unaffected

Version <= 6.1.*

Version 6.1.53

Status unaffected

Version <= 6.4.*

Version 6.4.16

Status unaffected

Version <= 6.5.*

Version 6.5.3

Status unaffected

Version <= *

Version 6.6

Status unaffected

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.099

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/cf38960386f3cc4abf395e556af915e4babcafd2

https://git.kernel.org/stable/c/e79db2f51a564fd4daa3e508b987df5e81c34b20

https://git.kernel.org/stable/c/24f9884971f9b34915b67baacf7350a3f6f19ea4

https://git.kernel.org/stable/c/dc202c57e9a1423aed528e4b8dc949509cd32191

https://nvd.nist.gov/vuln/detail/CVE-2023-54201

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-54201

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-54201

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2023-54201