CVE-2023-53079: 
Linux Kernel vulnerability analysis and mitigation

CVE-2023-53079 is a vulnerability discovered in the Linux kernel's MLX5 network driver, specifically affecting the handling of steering rules cleanup. The issue was identified and documented on May 2, 2025, impacting the vport's multicast, unicast, and multicast rules handling during Enhanced Error Handling (EEH) events (NVD, Wiz).

The vulnerability occurs when vport's promisc settings (unicast, multicast, and all) in firmware are reset after an EEH event. When this happens, the MLX5 driver attempts to delete these rules during the initialization path. However, since these software rules are no longer valid, this leads to a kernel crash due to accessing dangling pointers. The issue manifests in the MLX5 driver's steering rules cleanup process. According to Red Hat's assessment, this vulnerability has been assigned a CVSS v3.1 base score of 5.5 (AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H) (Red Hat).

When exploited, this vulnerability results in a kernel crash, which can lead to system instability and potential denial of service. The crash occurs specifically in the MLX5 driver's steering rules cleanup process, affecting system reliability and availability (Wiz).

The issue has been fixed in the Linux kernel through a patch that modifies the handling of steering rules cleanup. The fix involves nullifying rules right after deletion to avoid accessing any dangling pointers. Updated kernel versions with the patch are available in various distributions, including Debian's bullseye (5.10.234-1) and bookworm (6.1.135-1) releases (Debian Security).