CVE-2023-54148Use After Free in Linux

CWE-416Use After Free7 documents6 sources
Severity
7.0HIGH
No vector
EPSS
0.0%
top 93.24%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedDec 24

Description

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Move representor neigh cleanup to profile cleanup_tx For IP tunnel encapsulation in ECMP (Equal-Cost Multipath) mode, as the flow is duplicated to the peer eswitch, the related neighbour information on the peer uplink representor is created as well. In the cited commit, eswitch devcom unpair is moved to uplink unload API, specifically the profile->cleanup_tx. If there is a encap rule offloaded in ECMP mode, when on

Affected Packages4 packages

Linuxlinux/linux_kernel6.2.06.4.10+1
Debianlinux/linux_kernel< 6.1.52-1+2
CVEListV5linux/linuxb17294e7aa8c39dbb9c3e28e2d1983c88b94b387d628ba98eb1637acce44001e04c718d8dbb1f7ce+4
debiandebian/linux< linux 6.1.52-1 (bookworm)

🔴Vulnerability Details

3
GHSA
GHSA-hr7g-x38j-56v5: In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Move representor neigh cleanup to profile cleanup_tx For IP tunnel en2025-12-24
OSV
CVE-2023-54148: In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Move representor neigh cleanup to profile cleanup_tx For IP tunnel enca2025-12-24
OSV
net/mlx5e: Move representor neigh cleanup to profile cleanup_tx2025-12-24

📋Vendor Advisories

2
Red Hat
kernel: net/mlx5e: Move representor neigh cleanup to profile cleanup_tx2025-12-24
Debian
CVE-2023-54148: linux - In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: ...2023

🕵️Threat Intelligence

1
Wiz
CVE-2023-54148 Impact, Exploitability, and Mitigation Steps | Wiz