Lucene search

K
redhatcveRedhat.comRH:CVE-2023-52667
HistoryMay 18, 2024 - 2:09 a.m.

CVE-2023-52667

2024-05-1802:09:25
redhat.com
access.redhat.com
4
linux kernel
double-free vulnerability
fs_any_create_groups
mitigation

6.5 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

15.5%

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: fix a potential double-free in fs_any_create_groups When kcalloc() for ft->g succeeds but kvzalloc() for in fails, fs_any_create_groups() will free ft->g. However, its caller fs_any_create_table() will free ft->g again through calling mlx5e_destroy_flow_table(), which will lead to a double-free. Fix this by setting ft->g to NULL in fs_any_create_groups().

6.5 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

15.5%