CVE-2023-54201Improper Update of Reference Count in Linux

CWE-911Improper Update of Reference Count7 documents6 sources
Severity
4.7MEDIUM
No vector
EPSS
0.0%
top 92.73%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedDec 30

Description

In the Linux kernel, the following vulnerability has been resolved: RDMA/efa: Fix wrong resources deallocation order When trying to destroy QP or CQ, we first decrease the refcount and potentially free memory regions allocated for the object and then request the device to destroy the object. If the device fails, the object isn't fully destroyed so the user/IB core can try to destroy the object again which will lead to underflow when trying to decrease an already zeroed refcount. Deallocate re

Affected Packages4 packages

Linuxlinux/linux_kernel5.7.06.1.53+2
Debianlinux/linux_kernel< 6.1.55-1+2
CVEListV5linux/linuxff6629f88c529b07d9704c656c64dae76910e3e9cf38960386f3cc4abf395e556af915e4babcafd2+4
debiandebian/linux< linux 6.1.55-1 (bookworm)

🔴Vulnerability Details

3
GHSA
GHSA-25gx-7w99-7j35: In the Linux kernel, the following vulnerability has been resolved: RDMA/efa: Fix wrong resources deallocation order When trying to destroy QP or CQ2025-12-30
OSV
CVE-2023-54201: In the Linux kernel, the following vulnerability has been resolved: RDMA/efa: Fix wrong resources deallocation order When trying to destroy QP or CQ,2025-12-30
OSV
RDMA/efa: Fix wrong resources deallocation order2025-12-30

📋Vendor Advisories

2
Red Hat
kernel: RDMA/efa: Fix wrong resources deallocation order2025-12-30
Debian
CVE-2023-54201: linux - In the Linux kernel, the following vulnerability has been resolved: RDMA/efa: F...2023

🕵️Threat Intelligence

1
Wiz
CVE-2023-54201 Impact, Exploitability, and Mitigation Steps | Wiz