CVE-2023-54262

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains an issue within the mlx5e module related to flow post action attributes. The code unnecessarily clones these attributes, leading to a use-after-free condition. This occurs because the second copy of the attribute is not properly updated during neigh update operations. The issue can result in errors such as 'bad resource state' and failures when adding post action rules, potentially impacting network functionality. The mlx5 cmd set fte function is implicated in the error reports.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.