Use-after-free Vulnerability in Linux Kernel Affects Mellanox Devices
CVE-2023-53398

7.8HIGH

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
18 September 2025

What is CVE-2023-53398?

A vulnerability in the Linux kernel was discovered that can lead to a use-after-free condition in Mellanox devices. This issue arises when FIFO indexes are not properly validated during pop operations, particularly during a re-sync action. If a queue is empty, the lack of checks can result in unintended memory access, enabling potential exploitation. To mitigate this, specific checks and counters have been implemented to prevent the resync operation from occurring if the socket buffer (SKB) cannot exist in the FIFO due to out-of-order complete queue entries (CQE), ensuring proper management of FIFO pointers.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 58a518948f60153e8f6cb8361d2712aa3a1af94a < 52e6e7a0bc04c85012a9251c7cf2d444a77eb966

Linux 58a518948f60153e8f6cb8361d2712aa3a1af94a < 6afdedc4e66e3846ce497744f01b95c34bf39d21

Linux 58a518948f60153e8f6cb8361d2712aa3a1af94a < 3a50cf1e8e5157b82268eee7e330dbe5736a0948

References

https://git.kernel.org/stable/c/52e6e7a0bc04c85012a9251c7...
https://git.kernel.org/stable/c/6afdedc4e66e3846ce497744f...
https://git.kernel.org/stable/c/3a50cf1e8e5157b82268eee7e...

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.