CVE-2023-53546 - Vulnerability Details

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: DR, fix memory leak in mlx5dr_cmd_create_reformat_ctx when mlx5_cmd_exec failed in mlx5dr_cmd_create_reformat_ctx, the memory pointed by 'in' is not released, which will cause memory leak. Move memory release after mlx5_cmd_exec.

No CVSS v4.0

Attack Vector Local

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel

No data.

References

Link	Providers
https://git.kernel.org/stable/c/00cecb0a8f9e7a21754d5ad85813ab6b47b3308f
https://git.kernel.org/stable/c/165159854757dbae0dfd1812b27051da35aa6223
https://git.kernel.org/stable/c/3169c3854397f3070a63b1b772db16dcb8cba7b4
https://git.kernel.org/stable/c/5dd77585dd9d0e03dd1bceb95f0269a7eaf6b936
https://git.kernel.org/stable/c/622d71d99124e69f7bf2e2b7a89f5f444a24d235
https://git.kernel.org/stable/c/800d8c96bf997da5eb76ccf8d88795c4231c83fb
https://lore.kernel.org/linux-cve-announce/2025100445-CVE-2023-53546-a432@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2023-53546
https://www.cve.org/CVERecord?id=CVE-2023-53546

History

Mon, 06 Oct 2025 22:45:00 +0000

Type	Values Removed	Values Added
References		https://lore.kernel.org/linux-cve-announce/2025100445-CVE-2023-53546-a432@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2023-53546 https://www.cve.org/CVERecord?id=CVE-2023-53546
Metrics	threat_severity `None`	cvssV3_1 `{'score': 7.0, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H'}` threat_severity `Moderate`

Mon, 06 Oct 2025 14:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Linux Linux linux Kernel
Vendors & Products		Linux Linux linux Kernel

Sat, 04 Oct 2025 15:30:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: net/mlx5: DR, fix memory leak in mlx5dr_cmd_create_reformat_ctx when mlx5_cmd_exec failed in mlx5dr_cmd_create_reformat_ctx, the memory pointed by 'in' is not released, which will cause memory leak. Move memory release after mlx5_cmd_exec.
Title		net/mlx5: DR, fix memory leak in mlx5dr_cmd_create_reformat_ctx
References		https://git.kernel.org/stable/c/00cecb0a8f9e7a21754d5ad85813ab6b47b3308f https://git.kernel.org/stable/c/165159854757dbae0dfd1812b27051da35aa6223 https://git.kernel.org/stable/c/3169c3854397f3070a63b1b772db16dcb8cba7b4 https://git.kernel.org/stable/c/5dd77585dd9d0e03dd1bceb95f0269a7eaf6b936 https://git.kernel.org/stable/c/622d71d99124e69f7bf2e2b7a89f5f444a24d235 https://git.kernel.org/stable/c/800d8c96bf997da5eb76ccf8d88795c4231c83fb

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-10-04T15:16:54.132Z

Updated: 2025-10-04T15:16:54.132Z

Reserved: 2025-10-04T15:14:15.921Z

Link: CVE-2023-53546

Vulnrichment

No data.

NVD

Status : Awaiting Analysis

Published: 2025-10-04T16:15:49.747

Modified: 2025-10-06T14:56:21.733

Link: CVE-2023-53546

Redhat

Severity : Moderate

Publid Date: 2025-10-04T00:00:00Z

Links: CVE-2023-53546 - Bugzilla

Metrics

Attack Vector Local

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object