ghsa-q74c-c6q2-f852
Vulnerability from github
Published
2025-10-01 12:30
Modified
2025-10-01 12:30
Details

In the Linux kernel, the following vulnerability has been resolved:

net/mlx5: Unregister devlink params in case interface is down

Currently, in case an interface is down, mlx5 driver doesn't unregister its devlink params, which leads to this WARN[1]. Fix it by unregistering devlink params in that case as well.

[1] [ 295.244769 ] WARNING: CPU: 15 PID: 1 at net/core/devlink.c:9042 devlink_free+0x174/0x1fc [ 295.488379 ] CPU: 15 PID: 1 Comm: shutdown Tainted: G S OE 5.15.0-1017.19.3.g0677e61-bluefield #g0677e61 [ 295.509330 ] Hardware name: https://www.mellanox.com BlueField SoC/BlueField SoC, BIOS 4.2.0.12761 Jun 6 2023 [ 295.543096 ] pc : devlink_free+0x174/0x1fc [ 295.551104 ] lr : mlx5_devlink_free+0x18/0x2c [mlx5_core] [ 295.561816 ] sp : ffff80000809b850 [ 295.711155 ] Call trace: [ 295.716030 ] devlink_free+0x174/0x1fc [ 295.723346 ] mlx5_devlink_free+0x18/0x2c [mlx5_core] [ 295.733351 ] mlx5_sf_dev_remove+0x98/0xb0 [mlx5_core] [ 295.743534 ] auxiliary_bus_remove+0x2c/0x50 [ 295.751893 ] __device_release_driver+0x19c/0x280 [ 295.761120 ] device_release_driver+0x34/0x50 [ 295.769649 ] bus_remove_device+0xdc/0x170 [ 295.777656 ] device_del+0x17c/0x3a4 [ 295.784620 ] mlx5_sf_dev_remove+0x28/0xf0 [mlx5_core] [ 295.794800 ] mlx5_sf_dev_table_destroy+0x98/0x110 [mlx5_core] [ 295.806375 ] mlx5_unload+0x34/0xd0 [mlx5_core] [ 295.815339 ] mlx5_unload_one+0x70/0xe4 [mlx5_core] [ 295.824998 ] shutdown+0xb0/0xd8 [mlx5_core] [ 295.833439 ] pci_device_shutdown+0x3c/0xa0 [ 295.841651 ] device_shutdown+0x170/0x340 [ 295.849486 ] __do_sys_reboot+0x1f4/0x2a0 [ 295.857322 ] __arm64_sys_reboot+0x2c/0x40 [ 295.865329 ] invoke_syscall+0x78/0x100 [ 295.872817 ] el0_svc_common.constprop.0+0x54/0x184 [ 295.882392 ] do_el0_svc+0x30/0xac [ 295.889008 ] el0_svc+0x48/0x160 [ 295.895278 ] el0t_64_sync_handler+0xa4/0x130 [ 295.903807 ] el0t_64_sync+0x1a4/0x1a8 [ 295.911120 ] ---[ end trace 4f1d2381d00d9dce ]---

Show details on source website

To clipboard 

{
  "affected": [],
  "aliases": [
    "CVE-2023-53507"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-10-01T12:15:54Z",
    "severity": null
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Unregister devlink params in case interface is down\n\nCurrently, in case an interface is down, mlx5 driver doesn\u0027t\nunregister its devlink params, which leads to this WARN[1].\nFix it by unregistering devlink params in that case as well.\n\n[1]\n[  295.244769 ] WARNING: CPU: 15 PID: 1 at net/core/devlink.c:9042 devlink_free+0x174/0x1fc\n[  295.488379 ] CPU: 15 PID: 1 Comm: shutdown Tainted: G S         OE 5.15.0-1017.19.3.g0677e61-bluefield #g0677e61\n[  295.509330 ] Hardware name: https://www.mellanox.com BlueField SoC/BlueField SoC, BIOS 4.2.0.12761 Jun  6 2023\n[  295.543096 ] pc : devlink_free+0x174/0x1fc\n[  295.551104 ] lr : mlx5_devlink_free+0x18/0x2c [mlx5_core]\n[  295.561816 ] sp : ffff80000809b850\n[  295.711155 ] Call trace:\n[  295.716030 ]  devlink_free+0x174/0x1fc\n[  295.723346 ]  mlx5_devlink_free+0x18/0x2c [mlx5_core]\n[  295.733351 ]  mlx5_sf_dev_remove+0x98/0xb0 [mlx5_core]\n[  295.743534 ]  auxiliary_bus_remove+0x2c/0x50\n[  295.751893 ]  __device_release_driver+0x19c/0x280\n[  295.761120 ]  device_release_driver+0x34/0x50\n[  295.769649 ]  bus_remove_device+0xdc/0x170\n[  295.777656 ]  device_del+0x17c/0x3a4\n[  295.784620 ]  mlx5_sf_dev_remove+0x28/0xf0 [mlx5_core]\n[  295.794800 ]  mlx5_sf_dev_table_destroy+0x98/0x110 [mlx5_core]\n[  295.806375 ]  mlx5_unload+0x34/0xd0 [mlx5_core]\n[  295.815339 ]  mlx5_unload_one+0x70/0xe4 [mlx5_core]\n[  295.824998 ]  shutdown+0xb0/0xd8 [mlx5_core]\n[  295.833439 ]  pci_device_shutdown+0x3c/0xa0\n[  295.841651 ]  device_shutdown+0x170/0x340\n[  295.849486 ]  __do_sys_reboot+0x1f4/0x2a0\n[  295.857322 ]  __arm64_sys_reboot+0x2c/0x40\n[  295.865329 ]  invoke_syscall+0x78/0x100\n[  295.872817 ]  el0_svc_common.constprop.0+0x54/0x184\n[  295.882392 ]  do_el0_svc+0x30/0xac\n[  295.889008 ]  el0_svc+0x48/0x160\n[  295.895278 ]  el0t_64_sync_handler+0xa4/0x130\n[  295.903807 ]  el0t_64_sync+0x1a4/0x1a8\n[  295.911120 ] ---[ end trace 4f1d2381d00d9dce  ]---",
  "id": "GHSA-q74c-c6q2-f852",
  "modified": "2025-10-01T12:30:30Z",
  "published": "2025-10-01T12:30:30Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53507"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/471f59b3455314f0cafacf3096453727876355a9"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/53d737dfd3d7b023fa9fa445ea3f3db0ac9da402"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.