CVE-2023-53539

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description An issue exists in the Linux kernel’s RDMA/rxe component where incomplete state saving in the rxe requester() function can lead to corrupted resent packets under heavy stress testing. Specifically, when a send packet is dropped by the IP layer, the attempt to resend the packet fails to fully restore the state of the work queue element (WQE), particularly the dma struct used for processing the scatter-gather element (SGE) table. This incomplete restoration results in data corruption during resending. The issue occurs when many queues are sending large messages to a slower node, causing packets to be dropped and subsequently resent with incorrect data. The rxe xmit packet() function can fail with an error code of -EAGAIN, triggering the incomplete state restoration.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.