CVE-2023-54216: Use of Potentially Dangerous Function in Linux

Severity: 5.3 MEDIUM (No vector)
EPSS: 0.0% (top 92.35%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Dec 30

Description

In the Linux kernel, the following vulnerability has been resolved:

net/mlx5e: TC, Fix using eswitch mapping in nic mode

Cited patch is using the eswitch object mapping pool while in nic mode where it isn't initialized. This results in the trace below [0].

Fix that by using either nic or eswitch object mapping pool depending if eswitch is enabled or not.

[0]:
[ 826.446057] ==================================================================
[ 826.446729] BUG: KASAN: slab-use-after-free in mlx5

Affected Packages (3 packages)

Linux: linux/linux_kernel, 6.3.0, 6.3.6
CVEListV5: linux/linux, 6702782845a5bf381a19b204c369e63420041665, 4150441c010dec36abc389828e2e4758bd8ad4b3, +2
debian: debian/linux

🔴 Vulnerability Details (3)

OSV: net/mlx5e: TC, Fix using eswitch mapping in nic mode (2025-12-30)
OSV: CVE-2023-54216: In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: TC, Fix using eswitch mapping in nic mode Cited patch is using the eswi (2025-12-30)
GHSA: GHSA-7cww-g38x-r47j: In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: TC, Fix using eswitch mapping in nic mode Cited patch is using the es (2025-12-30)

📋 Vendor Advisories (2)

Red Hat: kernel: net/mlx5e: TC, Fix using eswitch mapping in nic mode (2025-12-30)
Debian: CVE-2023-54216: linux - In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: ... (2023)

🕵️ Threat Intelligence (1)

Wiz: CVE-2023-54216 Impact, Exploitability, and Mitigation Steps | Wiz