CVE-2023-53394

Summary

In the Linux kernel, the following vulnerability has been resolved:

net/mlx5e: xsk: Fix crash on regular rq reactivation

When the regular rq is reactivated after the XSK socket is closed it could be reading stale cqes which eventually corrupts the rq. This leads to no more traffic being received on the regular rq and a crash on the next close or deactivation of the rq.

Kal Cuttler Conely reported this issue as a crash on the release path when the xdpsock sample program is stopped (killed) and restarted in sequence while traffic is running.

This patch flushes all cqes when during the rq flush. The cqe flushing is done in the reset state of the rq. mlx5e_rq_to_ready code is moved into the flush function to allow for this.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux082a9edf12fef88400172e7d1b131d65a3ed492e < 02a84eb2af6bea7871cd34264fb27f141f005fd9affected
LinuxLinux082a9edf12fef88400172e7d1b131d65a3ed492e < 39646d9bcd1a65d2396328026626859a1dab59d7affected
LinuxLinux6.1affected
LinuxLinux0 < 6.1unaffected
LinuxLinux6.4.10 <= 6.4.*unaffected
LinuxLinux6.5 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References