CVE-2023-53079

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
02/05/2025
Last modified:
05/05/2025

Description

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> net/mlx5: Fix steering rules cleanup<br /> <br /> vport&amp;#39;s mc, uc and multicast rules are not deleted in teardown path when<br /> EEH happens. Since the vport&amp;#39;s promisc settings(uc, mc and all) in<br /> firmware are reset after EEH, mlx5 driver will try to delete the above<br /> rules in the initialization path. This cause kernel crash because these<br /> software rules are no longer valid.<br /> <br /> Fix by nullifying these rules right after delete to avoid accessing any dangling<br /> pointers.<br /> <br /> Call Trace:<br /> __list_del_entry_valid+0xcc/0x100 (unreliable)<br /> tree_put_node+0xf4/0x1b0 [mlx5_core]<br /> tree_remove_node+0x30/0x70 [mlx5_core]<br /> mlx5_del_flow_rules+0x14c/0x1f0 [mlx5_core]<br /> esw_apply_vport_rx_mode+0x10c/0x200 [mlx5_core]<br /> esw_update_vport_rx_mode+0xb4/0x180 [mlx5_core]<br /> esw_vport_change_handle_locked+0x1ec/0x230 [mlx5_core]<br /> esw_enable_vport+0x130/0x260 [mlx5_core]<br /> mlx5_eswitch_enable_sriov+0x2a0/0x2f0 [mlx5_core]<br /> mlx5_device_enable_sriov+0x74/0x440 [mlx5_core]<br /> mlx5_load_one+0x114c/0x1550 [mlx5_core]<br /> mlx5_pci_resume+0x68/0xf0 [mlx5_core]<br /> eeh_report_resume+0x1a4/0x230<br /> eeh_pe_dev_traverse+0x98/0x170<br /> eeh_handle_normal_event+0x3e4/0x640<br /> eeh_handle_event+0x4c/0x370<br /> eeh_event_handler+0x14c/0x210<br /> kthread+0x168/0x1b0<br /> ret_from_kernel_thread+0x5c/0x84

Impact