Linux Kernel RDMA Firmware Management Flaw in Mellanox Drivers
CVE-2023-53286

7.8 HIGH

Key Information:

Vendor: Linux

Status
Vendor
CVE Published: 16 September 2025

What is CVE-2023-53286?

In the Linux kernel, a vulnerability has been identified within the Mellanox RDMA drivers that affects the destruction of Queue Pairs (QP) and Receive Queues (RQ). When QP/RQ destruction was initiated, the driver previously did not report to upper layers any error encountered while the firmware destroyed the object. The upper layer therefore remained unaware of the failure and treated the QP/RQ as destroyed when it was not, which ultimately caused kernel warnings and potential operational issues. The fix returns the firmware destruction status to the caller, allowing functions such as mlx5_ib_destroy_wq() and destroy_qp_common() to handle failures appropriately.
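The following user-space C model is an added example, not the kernel's or the driver's code, contrasting a teardown path that drops the firmware status with one that returns it. All names (fw_obj, fw_destroy, destroy_qp_old, destroy_qp_new, run_teardown) are hypothetical, the failing firmware command is constructed, and the assumption is that "handling the failure" means returning the error without freeing driver-side resources.

```c
#include <errno.h>
#include <stdbool.h>
#include <stdio.h>

/* Constructed model: a firmware-side object and the driver's view of it. */
struct fw_obj { bool alive; bool fail_destroy; };
struct qp { struct fw_obj *fw; bool resources_freed; };

/* Stand-in for the firmware destroy command: 0 or a negative errno. */
static int fw_destroy(struct fw_obj *o)
{
    if (o->fail_destroy)
        return -EIO;            /* command failed, object still exists */
    o->alive = false;
    return 0;
}

/* Before: the firmware result is discarded, so the caller always frees. */
static int destroy_qp_old(struct qp *q)
{
    (void)fw_destroy(q->fw);
    q->resources_freed = true;
    return 0;
}

/* After: the status propagates and teardown stops on failure. */
static int destroy_qp_new(struct qp *q)
{
    int err = fw_destroy(q->fw);
    if (err)
        return err;             /* upper layer learns the QP is still live */
    q->resources_freed = true;
    return 0;
}

/* Runs one teardown against a failing firmware command; returns 1 when
 * the driver freed its state while the firmware object is still alive. */
static int run_teardown(int fixed, int *ret)
{
    struct fw_obj fw = { .alive = true, .fail_destroy = true };
    struct qp q = { .fw = &fw, .resources_freed = false };
    *ret = fixed ? destroy_qp_new(&q) : destroy_qp_old(&q);
    return q.resources_freed && fw.alive;
}

int main(void)
{
    for (int fixed = 0; fixed <= 1; fixed++) {
        int ret, stale = run_teardown(fixed, &ret);
        printf("fixed=%d ret=%d stale=%d\n", fixed, ret, stale);
    }
    return 0;
}
```

The old path reports success with a stale firmware object left behind; the new path surfaces the error and leaves driver state intact for the caller to act on.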

Affected Version(s)

Linux 333fbaa0255b8d471fc7ae767ef3a1766c732d6d < 73311dd831858d797cf8ebe140654ed519b41c36

Linux 333fbaa0255b8d471fc7ae767ef3a1766c732d6d < 1a650d3ccd79cdd5796edd864683a6b8dd0bf576

Linux 333fbaa0255b8d471fc7ae767ef3a1766c732d6d < 5fe7815e784bf21061885f8112a7108aef5c45bd

CVSS V3.1

Score: 7.8
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved
