PT-2025-37891 · Linux+2 · Linux Kernel+2

Published

2025-09-16

·

Updated

2025-11-19

·

CVE-2023-53286

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description A flaw was discovered in the Linux kernel’s RDMA/mlx5 subsystem. Previously, when destroying a Queue Pair (QP) or Receive Queue (RQ), the firmware destruction result was ignored, and upper layers were not informed of failures. This could lead to issues, including kernel warnings, as upper layers continued operations assuming successful destruction when it had actually failed. The issue is now resolved by returning the correct firmware destruction status to upper layers, enabling proper handling of destruction failures for both RQs and QPs.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

BDU:2026-05889
CVE-2023-53286
OESA-2025-2407
SUSE-SU-2025:03600-1
SUSE-SU-2025:03615-1
SUSE-SU-2025:03628-1
SUSE-SU-2025:03634-1
SUSE-SU-2025:20851-1
SUSE-SU-2025:20861-1
SUSE-SU-2025:20870-1
SUSE-SU-2025:20898-1
SUSE-SU-2025:3716-1
SUSE-SU-2025:3751-1
SUSE-SU-2025:3761-1
SUSE-SU-2025:4057-1
SUSE-SU-2025:4132-1
SUSE-SU-2025:4141-1

Affected Products

Astra Linux
Linux Kernel
Suse