Buffer Assignment Error in Linux Kernel Affecting Mellanox ConnectX-4
CVE-2023-53382

5.5MEDIUM

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
18 September 2025

What is CVE-2023-53382?

A vulnerability in the Linux kernel related to the SMC (Soft Multi-Channel) protocol leads to a crash when utilizing SMCRv2 with Mellanox ConnectX-4 devices. During the CLC (Connection Establishment Protocol) handshake, if an error occurs in buffer assignment after attempting to use an SMCRv2 device, the connection resources are not properly reset. When the system subsequently tries to establish a connection using an SMCRv1 device, it mistakenly retains references to the previous SMCRv2 link, which leads to a NULL pointer dereference and causes the kernel to crash. This issue underscores the importance of properly managing transition states between different connection protocols.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux e49300a6bf6218c835403545e9356141a6340181 < 9540765d1882d15497d880096de99fafabcfa08c

Linux e49300a6bf6218c835403545e9356141a6340181

Linux e49300a6bf6218c835403545e9356141a6340181 < 35112271672ae98f45df7875244a4e33aa215e31

References

https://git.kernel.org/stable/c/9540765d1882d15497d880096...
https://git.kernel.org/stable/c/d33be18917ffe69865dfed18b...
https://git.kernel.org/stable/c/35112271672ae98f45df78752...

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.