CVE-2023-54238

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A flaw exists in the Linux kernel related to memory management within the mlx5 driver. Specifically, a memory leak occurs during Precision Time Protocol (PTP) resynchronization operations, where SKBs (Socket Buffer) are not properly freed after being removed from the FIFO. This leak happens because SKBs are popped from the FIFO but are neither freed by napi consume nor dev kfree skb any. Additionally, an error in the mlx5e skb fifo has room() function, involving type promotion during counter subtraction, can lead to incorrect checks and further contribute to the SKB leak. The function napi consume skb is used to properly free SKBs.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.