VDB

DEBIAN-CVE-2023-52667

DEBIAN-CVE-2023-52667 PUBLISHED CVSS 7.800000190734863 HIGH

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: fix a potential double-free in fs_any_create_groups When kcalloc() for ft->g succeeds but kvzalloc() for in fails, fs_any_create_groups() will free ft->g. However, its caller fs_any_create_table() will free ft->g again through calling mlx5e_destroy_flow_table(), which will lead to a double-free. Fix this by setting ft->g to NULL in fs_any_create_groups().

Risk Scores

CVSS 3.1
7.800000190734863
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products

VendorProductVersions
Debian:14linux0, 0, 0
Debian:13linux0, 0, 0
Debian:12linux6.1.38-3, 6.1.38-4~bpo11+1, 6.1.52-1

Timeline

  • May 17, 2024 CVE Published
  • Apr 28, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›