CVE-2023-54106
Memory Leak in Linux Kernel mlx5e_init_rep_rx Component
Publication date: 2025-12-24
Last updated on: 2025-12-24
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a potential memory leak in the Linux kernel's mlx5 network driver. Specifically, the memory pointed to by the priv->rx_res pointer is not freed in the error path of the mlx5e_init_rep_rx function. This means that if an error occurs during initialization, allocated memory is not properly released, leading to a memory leak. The fix involves freeing this memory in the error path to prevent the leak.
How can this vulnerability impact me? :
The impact of this vulnerability is a potential memory leak in the Linux kernel's network driver. Over time, this could lead to increased memory usage and possibly degrade system performance or stability, especially on systems that frequently encounter errors in this code path. However, it does not directly lead to code execution or data exposure.
What immediate steps should I take to mitigate this vulnerability?
Apply the patch or update the Linux kernel to a version where the mlx5e_init_rep_rx function has been fixed to properly free memory in the error path, as described. This will prevent the memory leak issue.