CVE-2023-54133
Resource Leak in Linux Kernel nfp Component Due to MC Address Mishandling
Publication date: 2025-12-24
Last updated on: 2025-12-24
Assigner: kernel.org
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | kernel | * |
| linux | linux_kernel | * |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN | |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is in the Linux kernel's nfp component. When a device is moved between namespaces, its multicast (mc) addresses are cleaned in software but are not removed from the application firmware, so they remain in the firmware and cause a resource leak. The fix uses the function __dev_mc_unsync to clean multicast addresses when closing a port.
How can this vulnerability impact me?
The vulnerability can cause resource leaks in the system because multicast addresses are not properly removed from the application firmware when devices are moved between namespaces. This could potentially lead to degraded system performance or exhaustion of resources related to multicast address management.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, update the Linux kernel to a version where the fix is applied, which uses __dev_mc_unsync to clean multicast addresses when closing the port, preventing resource leaks.