Linux Kernel RDMA Firmware Management Flaw in Mellanox Drivers
CVE-2023-53286
What is CVE-2023-53286?
In the Linux kernel, a vulnerability has been identified within the Mellanox RDMA drivers that affects the destruction process of Queue Pairs (QP) and Receive Queues (RQ). When QP/RQ destruction is initiated, the system previously failed to notify upper layers about any errors encountered during the firmware destruction process. This oversight could lead to situations where the associated upper layer remains oblivious to the failure, resulting in a state where the QP/RQ is believed to be destroyed while it is not, ultimately causing kernel warnings and potential operational issues. The fix ensures that the firmware destruction status is correctly relayed, allowing functions such as mlx5_ib_destroy_wq() and destroy_qp_common() to handle failures appropriately.
Affected Version(s)
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 73311dd831858d797cf8ebe140654ed519b41c36
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 1a650d3ccd79cdd5796edd864683a6b8dd0bf576
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 5fe7815e784bf21061885f8112a7108aef5c45bd