Linux Kernel Vulnerability in mlx5e Driver Affecting Network Traffic Handling
CVE-2023-53394

5.5MEDIUM

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
18 September 2025

What is CVE-2023-53394?

A vulnerability in the Linux kernel's mlx5e driver has been identified, concerning the improper handling of request queues (rqs) when XSK sockets are closed. Specifically, a crash may occur when the regular rq is reactivated after an XSK socket has been shut down, leading to the reading of stale completion queue entries (cqes) and ultimately resulting in a disruption of network traffic. This situation can cause system instability manifested by crashes upon closing or deactivating the rq. To address this issue, a patch has been implemented that ensures all cqes are flushed during the rq flushing process, thereby preventing potential data corruption and enhancing the overall reliability of network traffic management.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 082a9edf12fef88400172e7d1b131d65a3ed492e < 02a84eb2af6bea7871cd34264fb27f141f005fd9

Linux 082a9edf12fef88400172e7d1b131d65a3ed492e < 39646d9bcd1a65d2396328026626859a1dab59d7

Linux 6.1

References

https://git.kernel.org/stable/c/02a84eb2af6bea7871cd34264...
https://git.kernel.org/stable/c/39646d9bcd1a65d2396328026...

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.