CVE-2023-54201

In the Linux kernel, the following vulnerability has been resolved: RDMA/efa: Fix wrong resources deallocation order When trying to destroy QP or CQ, we first decrease the refcount and potentially free memory regions allocated for the object and then request the device to destroy the object. If the device fails, the object isn't fully destroyed so the user/IB core can try to destroy the object again which will lead to underflow when trying to decrease an already zeroed refcount. Deallocate resources in reverse order of allocating them to safely free them.

Package Linux Kernel
Published 2025-12-30
Last modified 2026-04-15
Patch available
Yes

Affected versions

Linux kernel versions 5.7 and later are affected. Fixed in 6.1.53, 6.4.16, 6.5.3, 6.6 and their respective stable series.

Affected from
≥ 5.7
Fixed in
✓ 6.1.53 6.1.x ✓ 6.4.16 6.4.x ✓ 6.5.3 6.5.x ✓ 6.6

References

The following references provide additional information about CVE-2023-54201 including vendor advisories, patch commits, exploit details, and third-party analysis. Links are sourced from the NIST NVD database.

4 patch commits total View all on NVD

Frequently asked questions

  • What is CVE-2023-54201?

    CVE-2023-54201 is a unscored severity Linux kernel vulnerability . It affects Linux kernel versions from 5.7 onward and has been patched in 6.1.53, 6.4.16, 6.5.3 and others. CVE-2023-54201 has not been confirmed as actively exploited and is not listed in the CISA KEV catalog.

  • Is there a patch available for CVE-2023-54201?

    Yes — CVE-2023-54201 has been patched. Fixed versions include 6.1.53, 6.4.16, 6.5.3 and others. If you are running Linux kernel 5.7 or later up to the fix versions, apply the relevant patch for your kernel branch.

  • Is CVE-2023-54201 actively exploited?

    No — CVE-2023-54201 has not been confirmed as actively exploited. It is not listed in the CISA Known Exploited Vulnerabilities (KEV) catalog.

Back to
All CVEs
View on
NVD / NIST