CVE-2023-52667

Published: May 17, 2024

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: fix a potential double-free in fs_any_create_groups When kcalloc() for ft->g succeeds but kvzalloc() for in fails, fs_any_create_groups() will free ft->g. However, its caller fs_any_create_table() will free ft->g again through calling mlx5e_destroy_flow_table(), which will lead to a double-free. Fix this by setting ft->g to NULL in fs_any_create_groups().

Vendor	Product	Versions
Linux	Linux	affected `0f575c20bf0686caf3d82d6c626c2e1e4a4c36e6 - < 72a729868592752b5a294d27453da264106983b1` affected `0f575c20bf0686caf3d82d6c626c2e1e4a4c36e6 - < b2fa86b2aceb4bc9ada51cea90f61546d7512cbe` affected `0f575c20bf0686caf3d82d6c626c2e1e4a4c36e6 - < 2897c981ee63e1be5e530b1042484626a10b26d8` affected `0f575c20bf0686caf3d82d6c626c2e1e4a4c36e6 - < 65a4ade8a6d205979292e88beeb6a626ddbd4779` affected `0f575c20bf0686caf3d82d6c626c2e1e4a4c36e6 - < aef855df7e1bbd5aa4484851561211500b22707e`
Linux	Linux	affected `5.13` unaffected `0 - < 5.13` unaffected `5.15.149 - <= 5.15.` unaffected `6.1.76 - <= 6.1.` unaffected `6.6.15 - <= 6.6.*` +2 more versions

References

https://git.kernel.org/stable/c/72a729868592752b5a294d27453da264106983b1

https://git.kernel.org/stable/c/b2fa86b2aceb4bc9ada51cea90f61546d7512cbe

https://git.kernel.org/stable/c/2897c981ee63e1be5e530b1042484626a10b26d8

https://git.kernel.org/stable/c/65a4ade8a6d205979292e88beeb6a626ddbd4779

https://git.kernel.org/stable/c/aef855df7e1bbd5aa4484851561211500b22707e

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2023-52667

Description

Affected Products

References