CVE-2023-54238

EPSS 0.02%
Veröffentlicht 30.12.2025 12:11:27
Zuletzt bearbeitet 31.12.2025 20:42:43
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

mlx5: fix skb leak while fifo resync and push

During ptp resync operation SKBs were poped from the fifo but were never
freed neither by napi_consume nor by dev_kfree_skb_any. Add call to
napi_consume_skb to properly free SKBs.

Another leak was happening because mlx5e_skb_fifo_has_room() had an error
in the check. Comparing free running counters works well unless C promotes
the types to something wider than the counter. In this case counters are
u16 but the result of the substraction is promouted to int and it causes
wrong result (negative value) of the check when producer have already
overlapped but consumer haven't yet. Explicit cast to u16 fixes the issue.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 6

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 234cffda95e1049f58e8ec136ef105c633f0ed19

Version 58a518948f60153e8f6cb8361d2712aa3a1af94a

Status affected

Version < 68504c66d08c70fb92799722e25a932d311d74fd

Version 58a518948f60153e8f6cb8361d2712aa3a1af94a

Status affected

Version < e435941b1da1a0be4ff8a7ae425774c76a5ac514

Version 58a518948f60153e8f6cb8361d2712aa3a1af94a

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 6.0

Status affected

Version < 6.0

Version 0

Status unaffected

Version <= 6.1.*

Version 6.1.18

Status unaffected

Version <= 6.2.*

Version 6.2.5

Status unaffected

Version <= *

Version 6.3

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.02%	0.057

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/234cffda95e1049f58e8ec136ef105c633f0ed19

https://git.kernel.org/stable/c/68504c66d08c70fb92799722e25a932d311d74fd

https://git.kernel.org/stable/c/e435941b1da1a0be4ff8a7ae425774c76a5ac514

https://nvd.nist.gov/vuln/detail/CVE-2023-54238

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-54238

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-54238

EUVD