CVE-2023-53371
BaseFortify
Publication date: 2025-09-18
Last updated on: 2025-12-12
Assigner: kernel.org
Description
CVSS Scores
EPSS Scores
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | From 5.13 (inc) to 6.1.40 (exc) |
| linux | linux_kernel | From 6.2 (inc) to 6.4.5 (exc) |
| linux | linux_kernel | 6.5 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-401 | The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a memory leak in the Linux kernel's mlx5e network driver. Specifically, the memory pointed to by the fs->any pointer is not freed in the error path of the function mlx5e_fs_tt_redirect_any_create. This means that if an error occurs during this function, allocated memory is not properly released, leading to a memory leak. The fix involves freeing this memory in the error path to prevent the leak.
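The error-path leak described above, reduced to a user-space C model as an added example; it is not the mlx5e driver's code and not part of the original page. All names (`fs_ctx`, `any_create_leaky`, `any_create_fixed`, `create_table`, the allocation counter) are hypothetical; only the shape, an allocation stored in a context pointer followed by a step that fails, follows the description.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>

/* User-space model of the bug class; every name here is hypothetical. */
static int live_allocs;                    /* outstanding allocations, counted for the demo */
struct any_state { int table_id; };
struct fs_ctx { struct any_state *any; };  /* models the fs->any pointer */

static void *model_alloc(size_t n) { void *p = calloc(1, n); if (p) live_allocs++; return p; }
static void model_free(void *p) { if (p) { live_allocs--; free(p); } }

/* Stand-in for a later setup step that can fail. */
static int create_table(struct fs_ctx *fs, int fail)
{
    if (fail) return -ENOMEM;
    fs->any->table_id = 1;
    return 0;
}
/* Leaky shape: the error return skips freeing what fs->any points to. */
static int any_create_leaky(struct fs_ctx *fs, int fail)
{
    fs->any = model_alloc(sizeof(*fs->any));
    if (!fs->any) return -ENOMEM;
    return create_table(fs, fail);         /* on error, fs->any is never freed */
}
/* Fixed shape: the error path frees the allocation and clears the pointer. */
static int any_create_fixed(struct fs_ctx *fs, int fail)
{
    int err;
    fs->any = model_alloc(sizeof(*fs->any));
    if (!fs->any) return -ENOMEM;
    err = create_table(fs, fail);
    if (!err) return 0;
    model_free(fs->any);
    fs->any = NULL;
    return err;
}
/* Forces the failure once and returns how many allocations were left behind. */
static int leaked_after_failure(int (*create)(struct fs_ctx *, int))
{
    struct fs_ctx fs = { 0 };
    int before = live_allocs;
    (void)create(&fs, 1);
    return live_allocs - before;
}
int main(void)
{
    printf("leaky: %d left, fixed: %d left\n", leaked_after_failure(any_create_leaky),
           leaked_after_failure(any_create_fixed));
    return 0;
}
```

Each failed call of the leaky variant strands one allocation, which is how repeated failures turn into the steady memory growth that CWE-401 describes.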
How can this vulnerability impact me?
The memory leak can cause increased memory usage over time, potentially leading to degraded system performance or instability if the leak accumulates. In systems using the affected Linux kernel network driver, this could result in resource exhaustion or crashes under certain conditions.