CVE-2023-54169
Description
In the Linux kernel, the following vulnerability has been resolved:
net/mlx5e: fix memory leak in mlx5e_ptp_open
When kvzalloc_node or kvzalloc failed in mlx5e_ptp_open, the memory pointed by "c" or "cparams" is not freed, which can lead to a memory leak. Fix by freeing the array in the error path.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Memory leak in mlx5e_ptp_open in Linux kernel when memory allocation fails, leading to potential resource exhaustion.
In the Linux kernel, a memory leak vulnerability exists in the mlx5e_ptp_open function within the mlx5e network driver. When memory allocation via kvzalloc_node or kvzalloc fails, the previously allocated memory pointed to by "c" or "cparams" is not freed, leading to a memory leak [1][2].
The vulnerability can be triggered by a local user or system process that causes the mlx5e_ptp_open function to be invoked under conditions where memory allocation fails. This requires the ability to interact with the network driver, typically through privileged operations or specific system configurations.
The impact is a gradual memory leak, which can lead to system resource exhaustion and potential denial of service over time. An attacker with local access could exploit this to degrade system performance or cause instability.
The fix, which frees the allocated memory in the error path, has been applied to the Linux kernel stable branches. Users are advised to update to the latest kernel versions to mitigate this vulnerability.
AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Patches
44892e1e548b583a8f7337a147035e3ae600cd543b649ffe5Vulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
4News mentions
0No linked articles in our index yet.