CVE-2023-53393

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.1.0-rc4 for upstream base 2022 11 10 16 12 #1

Description A flaw exists in the Linux kernel's RDMA/mlx5 subsystem related to the handling of port numbers within the mlx5 ib get hw stats() function. Specifically, when used for a device (port num = 0), incorrect counter handling occurs, and subsequent functions assume port num is greater than or equal to 1, potentially leading to a page fault and system crash (oops).

Recommendations Update to a version newer than 6.1.0-rc4 for upstream base 2022 11 10 16 12 #1.

Exploit

Fix

Buffer Overflow

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119CWE-787

Related Identifiers

ALSA-2025_16880

BDU:2026-03279

CESA-2023_2951

CVE-2023-53393

RHSA-2023:2458

RHSA-2023:2951

RHSA-2023_2458

RHSA-2023_2951

SUSE-SU-2025:03614-1

SUSE-SU-2025:03615-1

SUSE-SU-2025:03628-1

SUSE-SU-2025:3716-1

SUSE-SU-2025:3761-1

Affected Products

Astra Linux

Centos

Debian

Linux Kernel

Red Hat

Suse

CVE-2023-53393

Weakness Enumeration

Related Identifiers

Affected Products

References · 990