| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025122431-CVE-2023-54015-13a3@gregkh> Date: Wed, 24 Dec 2025 11:56:59 +0100 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...nel.org> Subject: CVE-2023-54015: net/mlx5: Devcom, fix error flow in mlx5_devcom_register_device From: Greg Kroah-Hartman <gregkh@...nel.org> Description =========== In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Devcom, fix error flow in mlx5_devcom_register_device In case devcom allocation is failed, mlx5 is always freeing the priv. However, this priv might have been allocated by a different thread, and freeing it might lead to use-after-free bugs. Fix it by freeing the priv only in case it was allocated by the running thread. The Linux kernel CVE team has assigned CVE-2023-54015 to this issue. Affected and fixed versions =========================== Issue introduced in 5.0 with commit fadd59fc50d010145f251db583c7ccef37393d19 and fixed in 5.4.244 with commit 3dfc1004d9afbf689087ae1eafd88f55481984c7 Issue introduced in 5.0 with commit fadd59fc50d010145f251db583c7ccef37393d19 and fixed in 5.10.181 with commit d4d10a6df1529b3f446cdada5c25e065f4712756 Issue introduced in 5.0 with commit fadd59fc50d010145f251db583c7ccef37393d19 and fixed in 5.15.114 with commit 1e755065368000205e6683fa924b2654e99f573b Issue introduced in 5.0 with commit fadd59fc50d010145f251db583c7ccef37393d19 and fixed in 6.1.31 with commit eaa365c10459052cbe3e44caa4ad760cb93bd435 Issue introduced in 5.0 with commit fadd59fc50d010145f251db583c7ccef37393d19 and fixed in 6.3.5 with commit a3a516caef2c5be2f4d171890a8b3415bfab4e5e Issue introduced in 5.0 with commit fadd59fc50d010145f251db583c7ccef37393d19 and fixed in 6.4 with commit af87194352cad882d787d06fb7efa714acd95427 Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2023-54015 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: drivers/net/ethernet/mellanox/mlx5/core/lib/devcom.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/3dfc1004d9afbf689087ae1eafd88f55481984c7 https://git.kernel.org/stable/c/d4d10a6df1529b3f446cdada5c25e065f4712756 https://git.kernel.org/stable/c/1e755065368000205e6683fa924b2654e99f573b https://git.kernel.org/stable/c/eaa365c10459052cbe3e44caa4ad760cb93bd435 https://git.kernel.org/stable/c/a3a516caef2c5be2f4d171890a8b3415bfab4e5e https://git.kernel.org/stable/c/af87194352cad882d787d06fb7efa714acd95427
Powered by blists - more mailing lists