CVE-2023-53105: 
Linux Kernel vulnerability analysis and mitigation

CVE-2023-53105 is a vulnerability discovered in the Linux kernel's net/mlx5e component, specifically related to a null-pointer dereference during cleanup operations. The vulnerability was published on May 2, 2025, affecting systems using the mlx5e network driver with tc flow offloading enabled (NVD, Wiz).

The vulnerability manifests during a specific module unload sequence where the peer uplink rep profile changes to a nic profile, causing the destruction of the neigh encap lock. Subsequently, when VF reps netdevs are unregistered, it triggers the deletion of the original non-peer tc flow, which in turn deletes the peer flow. The peer flow deletion attempts to detach the encap entry and access the already destroyed encap lock, leading to a null pointer dereference. The vulnerability has been assigned a CVSS v3.1 score of 5.5 (AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H) (Red Hat).

When exploited, this vulnerability can cause a kernel null pointer dereference, potentially leading to system crashes or denial of service conditions. The issue specifically affects systems using the mlx5e network driver with tc flow offloading enabled (Wiz).

The issue has been resolved by implementing a fix that clears peer flows during tc eswitch cleanup (mlx5etcesw_cleanup()). This ensures proper cleanup sequence and prevents the null pointer dereference condition. Various Linux distributions have released patches, with Debian 12 and 13 having fixes available, while some versions of Ubuntu and Red Hat Enterprise Linux are still pending updates (Debian, Red Hat).