Linux Kernel Vulnerability in mlx5e Driver Affecting Network Traffic Handling
CVE-2023-53394
What is CVE-2023-53394?
A vulnerability in the Linux kernel's mlx5e driver has been identified, concerning the improper handling of request queues (rqs) when XSK sockets are closed. Specifically, a crash may occur when the regular rq is reactivated after an XSK socket has been shut down, leading to the reading of stale completion queue entries (cqes) and ultimately resulting in a disruption of network traffic. This situation can cause system instability manifested by crashes upon closing or deactivating the rq. To address this issue, a patch has been implemented that ensures all cqes are flushed during the rq flushing process, thereby preventing potential data corruption and enhancing the overall reliability of network traffic management.
Affected Version(s)
Linux 082a9edf12fef88400172e7d1b131d65a3ed492e < 02a84eb2af6bea7871cd34264fb27f141f005fd9
Linux 082a9edf12fef88400172e7d1b131d65a3ed492e < 39646d9bcd1a65d2396328026626859a1dab59d7
Linux 6.1