CVE-2023-54223Linux vulnerability

7 documents6 sources
Severity
5.5MEDIUM
No vector
EPSS
0.0%
top 92.35%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedDec 30

Description

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: xsk: Fix invalid buffer access for legacy rq The below crash can be encountered when using xdpsock in rx mode for legacy rq: the buffer gets released in the XDP_REDIRECT path, and then once again in the driver. This fix sets the flag to avoid releasing on the driver side. XSK handling of buffers for legacy rq was relying on the caller to set the skip release flag. But the referenced fix started using fragment count

Affected Packages3 packages

Linuxlinux/linux_kernel6.4.56.4.10
CVEListV5linux/linuxcbb5379362513cbff450df0457dc370da7244bec58a113a35846d9a5bd759beb332e551e28451f09+2
debiandebian/linux

🔴Vulnerability Details

3
OSV
CVE-2023-54223: In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: xsk: Fix invalid buffer access for legacy rq The below crash can be enc2025-12-30
GHSA
GHSA-9gx4-8f8v-9gxp: In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: xsk: Fix invalid buffer access for legacy rq The below crash can be e2025-12-30
OSV
net/mlx5e: xsk: Fix invalid buffer access for legacy rq2025-12-30

📋Vendor Advisories

2
Red Hat
kernel: net/mlx5e: xsk: Fix invalid buffer access for legacy rq2025-12-30
Debian
CVE-2023-54223: linux - In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: ...2023

🕵️Threat Intelligence

1
Wiz
CVE-2023-54223 Impact, Exploitability, and Mitigation Steps | Wiz