CVE-2023-52667

May 17, 2024, 6:35 p.m.

None
No Score

Description

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: fix a potential double-free in fs_any_create_groups When kcalloc() for ft->g succeeds but kvzalloc() for in fails, fs_any_create_groups() will free ft->g. However, its caller fs_any_create_table() will free ft->g again through calling mlx5e_destroy_flow_table(), which will lead to a double-free. Fix this by setting ft->g to NULL in fs_any_create_groups().

Product(s) Impacted

Product Versions
Linux Kernel
  • []

Weaknesses

Common security weaknesses mapped to this vulnerability.

References

https://git.kernel.org/stable/c/2897c981ee63e1be5e530b1042484626a10b26d8
https://git.kernel.org/stable/c/65a4ade8a6d205979292e88beeb6a626ddbd4779
https://git.kernel.org/stable/c/72a729868592752b5a294d27453da264106983b1
https://git.kernel.org/stable/c/aef855df7e1bbd5aa4484851561211500b22707e
https://git.kernel.org/stable/c/b2fa86b2aceb4bc9ada51cea90f61546d7512cbe

Tags

416baaa9-dc9f-4396-8d5f-8c081fb06d67
2024-05-17
CVE-2023-52667

Timeline

Published: May 17, 2024, 2:15 p.m.
Last Modified: May 17, 2024, 6:35 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

416baaa9-dc9f-4396-8d5f-8c081fb06d67

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.