Vulnerability in Linux Kernel Affecting Mellanox MLX5 Networking Driver
CVE-2023-53347

5.5MEDIUM

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
17 September 2025

What is CVE-2023-53347?

A vulnerability in the Mellanox MLX5 networking driver within the Linux kernel can lead to critical operational disruptions. This issue arises when transitioning a device from switchdev mode to legacy mode. The driver improperly manages the pairing of the E-switch during uplink un/load API operations. If a peer device's flow remains offloaded and the first device to be removed is the peer, the driver may encounter a kernel error leading to potential system instability. This is due to the original E-switch holding a pointer to a flow that has since been invalidated. The resolution of this vulnerability requires careful handling of unpairing processes within the uplink API.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 04de7dda7394fa9c2b0fc9cec65661d9b4f0d04d

Linux 04de7dda7394fa9c2b0fc9cec65661d9b4f0d04d < 10cbfecc0f99f579fb170feee866c9efaab7ee47

Linux 04de7dda7394fa9c2b0fc9cec65661d9b4f0d04d < 2be5bd42a5bba1a05daedc86cf0e248210009669

References

https://git.kernel.org/stable/c/b17294e7aa8c39dbb9c3e28e2...
https://git.kernel.org/stable/c/10cbfecc0f99f579fb170feee...
https://git.kernel.org/stable/c/2be5bd42a5bba1a05daedc86c...

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.