{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2023-54133", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-12-24T13:02:52.522Z", "datePublished": "2025-12-24T13:06:49.919Z", "dateUpdated": "2025-12-24T13:06:49.919Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-12-24T13:06:49.919Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfp: clean mc addresses in application firmware when closing port\n\nWhen moving devices from one namespace to another, mc addresses are\ncleaned in software while not removed from application firmware. Thus\nthe mc addresses are remained and will cause resource leak.\n\nNow use `__dev_mc_unsync` to clean mc addresses when closing port."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/ethernet/netronome/nfp/nfp_net_common.c"], "versions": [{"version": "e20aa071cd955aabc15be0ec1e914283592ddef4", "lessThan": "c427221733d49fd1e1b79b4a86746acf3ef660e7", "status": "affected", "versionType": "git"}, {"version": "e20aa071cd955aabc15be0ec1e914283592ddef4", "lessThan": "cc7eab25b1cf3f9594fe61142d3523ce4d14a788", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/ethernet/netronome/nfp/nfp_net_common.c"], "versions": [{"version": "6.2", "status": "affected"}, {"version": "0", "lessThan": "6.2", "status": "unaffected", "versionType": "semver"}, {"version": "6.4.5", "lessThanOrEqual": "6.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.5", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.2", "versionEndExcluding": "6.4.5"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.2", "versionEndExcluding": "6.5"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/c427221733d49fd1e1b79b4a86746acf3ef660e7"}, {"url": "https://git.kernel.org/stable/c/cc7eab25b1cf3f9594fe61142d3523ce4d14a788"}], "title": "nfp: clean mc addresses in application firmware when closing port", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfp: clean mc addresses in application firmware when closing port\n\nWhen moving devices from one namespace to another, mc addresses are\ncleaned in software while not removed from application firmware. Thus\nthe mc addresses are remained and will cause resource leak.\n\nNow use `__dev_mc_unsync` to clean mc addresses when closing port."}], "id": "CVE-2023-54133", "lastModified": "2025-12-24T13:16:15.283", "metrics": {}, "published": "2025-12-24T13:16:15.283", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/c427221733d49fd1e1b79b4a86746acf3ef660e7"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/cc7eab25b1cf3f9594fe61142d3523ce4d14a788"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Received"}

{"bugzilla": {"description": "kernel: nfp: clean mc addresses in application firmware when closing port", "id": "2425087", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425087"}, "csaw": false, "details": ["No description is available for this CVE."], "name": "CVE-2023-54133", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-12-24T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-54133\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-54133\nhttps://lore.kernel.org/linux-cve-announce/2025122420-CVE-2023-54133-dc22@gregkh/T"]}

{}