CVE-2023-54201 (GCVE-0-2023-54201)
Vulnerability from cvelistv5
Published
2025-12-30 12:09
Modified
2025-12-30 12:09
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved: RDMA/efa: Fix wrong resources deallocation order When trying to destroy QP or CQ, we first decrease the refcount and potentially free memory regions allocated for the object and then request the device to destroy the object. If the device fails, the object isn't fully destroyed so the user/IB core can try to destroy the object again which will lead to underflow when trying to decrease an already zeroed refcount. Deallocate resources in reverse order of allocating them to safely free them.
References
Impacted products
Vendor Product Version
Linux Linux Version: ff6629f88c529b07d9704c656c64dae76910e3e9
Version: ff6629f88c529b07d9704c656c64dae76910e3e9
Version: ff6629f88c529b07d9704c656c64dae76910e3e9
Version: ff6629f88c529b07d9704c656c64dae76910e3e9
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/infiniband/hw/efa/efa_verbs.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "cf38960386f3cc4abf395e556af915e4babcafd2",
              "status": "affected",
              "version": "ff6629f88c529b07d9704c656c64dae76910e3e9",
              "versionType": "git"
            },
            {
              "lessThan": "e79db2f51a564fd4daa3e508b987df5e81c34b20",
              "status": "affected",
              "version": "ff6629f88c529b07d9704c656c64dae76910e3e9",
              "versionType": "git"
            },
            {
              "lessThan": "24f9884971f9b34915b67baacf7350a3f6f19ea4",
              "status": "affected",
              "version": "ff6629f88c529b07d9704c656c64dae76910e3e9",
              "versionType": "git"
            },
            {
              "lessThan": "dc202c57e9a1423aed528e4b8dc949509cd32191",
              "status": "affected",
              "version": "ff6629f88c529b07d9704c656c64dae76910e3e9",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/infiniband/hw/efa/efa_verbs.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.7"
            },
            {
              "lessThan": "5.7",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.53",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.4.*",
              "status": "unaffected",
              "version": "6.4.16",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.6",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.53",
                  "versionStartIncluding": "5.7",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.4.16",
                  "versionStartIncluding": "5.7",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.5.3",
                  "versionStartIncluding": "5.7",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6",
                  "versionStartIncluding": "5.7",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/efa: Fix wrong resources deallocation order\n\nWhen trying to destroy QP or CQ, we first decrease the refcount and\npotentially free memory regions allocated for the object and then\nrequest the device to destroy the object. If the device fails, the\nobject isn\u0027t fully destroyed so the user/IB core can try to destroy the\nobject again which will lead to underflow when trying to decrease an\nalready zeroed refcount.\n\nDeallocate resources in reverse order of allocating them to safely free\nthem."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-30T12:09:06.211Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/cf38960386f3cc4abf395e556af915e4babcafd2"
        },
        {
          "url": "https://git.kernel.org/stable/c/e79db2f51a564fd4daa3e508b987df5e81c34b20"
        },
        {
          "url": "https://git.kernel.org/stable/c/24f9884971f9b34915b67baacf7350a3f6f19ea4"
        },
        {
          "url": "https://git.kernel.org/stable/c/dc202c57e9a1423aed528e4b8dc949509cd32191"
        }
      ],
      "title": "RDMA/efa: Fix wrong resources deallocation order",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-54201",
    "datePublished": "2025-12-30T12:09:06.211Z",
    "dateReserved": "2025-12-30T12:06:44.499Z",
    "dateUpdated": "2025-12-30T12:09:06.211Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2023-54201\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2025-12-30T13:16:08.210\",\"lastModified\":\"2025-12-31T20:43:05.160\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nRDMA/efa: Fix wrong resources deallocation order\\n\\nWhen trying to destroy QP or CQ, we first decrease the refcount and\\npotentially free memory regions allocated for the object and then\\nrequest the device to destroy the object. If the device fails, the\\nobject isn\u0027t fully destroyed so the user/IB core can try to destroy the\\nobject again which will lead to underflow when trying to decrease an\\nalready zeroed refcount.\\n\\nDeallocate resources in reverse order of allocating them to safely free\\nthem.\"}],\"metrics\":{},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/24f9884971f9b34915b67baacf7350a3f6f19ea4\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/cf38960386f3cc4abf395e556af915e4babcafd2\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/dc202c57e9a1423aed528e4b8dc949509cd32191\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/e79db2f51a564fd4daa3e508b987df5e81c34b20\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.