CVE-2023-52667: Vulnerability in Linux Linux
In the Linux kernel, the following vulnerability has been resolved:
net/mlx5e: fix a potential double-free in fs_any_create_groups
When kcalloc() for ft->g succeeds but kvzalloc() for in fails, fs_any_create_groups() will free ft->g. However, its caller fs_any_create_table() will free ft->g again through calling mlx5e_destroy_flow_table(), which will lead to a double-free. Fix this by setting ft->g to NULL in fs_any_create_groups().
AI Analysis
Technical Summary
CVE-2023-52667 is a double-free in the Linux kernel's mlx5e network driver, in the code that manages flow tables. The issue is in fs_any_create_groups(), which creates the flow groups for a table. If the initial kcalloc() for ft->g succeeds but the subsequent kvzalloc() for in fails, fs_any_create_groups() frees ft->g and returns with ft->g still pointing at the freed memory. The caller, fs_any_create_table(), then invokes mlx5e_destroy_flow_table(), which frees ft->g again, resulting in a double-free. A double-free is undefined behavior and can cause kernel crashes or memory corruption, with denial of service or privilege escalation as possible consequences. The fix sets ft->g to NULL after it is freed in fs_any_create_groups(), preventing the second free attempt. The vulnerability affects Linux kernel versions prior to the patch and is related to the Mellanox mlx5 Ethernet driver, which is commonly used in high-performance networking environments. No known exploits are currently reported in the wild, and no CVSS score has been assigned yet.
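The failure path described above, modelled in userspace C as an added example (this is not the kernel driver's code). The function names follow the advisory; model_kcalloc(), model_kfree(), the patched flag and the one-slot allocator are assumptions made for illustration.

```c
#include <stdio.h>
/* Userspace model, constructed for illustration: function names follow the
 * advisory, bodies are simplified and the allocator is a one-slot stand-in. */
struct flow_table { void **g; };
static void *slot[4];     /* backing store for the single modelled allocation */
static int slot_live;     /* 1 while that allocation is outstanding */
static int double_frees;  /* frees of memory that was already released */
static void **model_kcalloc(void) { slot_live = 1; return slot; }

static void model_kfree(void *p)
{
    if (!p)
        return;                   /* like kfree(), freeing NULL is a no-op */
    double_frees += !slot_live;   /* allocation already released: second free */
    slot_live = 0;
}

/* fs_any_create_groups() on the path where kvzalloc() for `in` fails. */
static int create_groups(struct flow_table *ft, int patched)
{
    void *in = NULL;              /* simulated kvzalloc() failure */
    ft->g = model_kcalloc();
    if (!in) {
        model_kfree(ft->g);
        if (patched)
            ft->g = NULL;         /* the fix: no dangling pointer for the caller */
        return -1;                /* generic error code chosen for the model */
    }
    return 0;
}

/* mlx5e_destroy_flow_table(): frees ft->g as part of teardown. */
static void destroy_flow_table(struct flow_table *ft) { model_kfree(ft->g); }

/* fs_any_create_table(): tears the table down when group creation fails.
 * Returns the number of double frees observed on that path. */
static int create_table(int patched)
{
    struct flow_table ft = { 0 };
    double_frees = 0;
    if (create_groups(&ft, patched))
        destroy_flow_table(&ft);
    return double_frees;
}

int main(void)
{
    printf("unpatched: %d, patched: %d\n", create_table(0), create_table(1));
    return 0;
}
```

The same review question applies to any error path where a callee frees a member of a structure that the caller also tears down: either one side owns the free, or the freed pointer is cleared before returning.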
Potential Impact
For European organizations, the impact of CVE-2023-52667 can be significant, especially for those relying on Linux servers with Mellanox network adapters or similar hardware using the mlx5e driver. Potential impacts include system instability due to kernel crashes, denial of service conditions, and the risk of attackers exploiting the double-free to execute arbitrary code or escalate privileges on critical infrastructure. This is particularly concerning for data centers, cloud service providers, and enterprises running high-performance computing or networking workloads. Given the kernel-level nature of the vulnerability, successful exploitation could compromise confidentiality, integrity, and availability of affected systems. The absence of known exploits reduces immediate risk, but the vulnerability should be treated seriously due to the potential severity of kernel memory corruption issues.
Mitigation Recommendations
European organizations should prioritize applying the official Linux kernel patches that address CVE-2023-52667 as soon as they become available. Specifically, updating to the latest stable kernel versions containing the fix is critical. For environments where immediate patching is challenging, organizations should audit their use of Mellanox mlx5 network drivers and consider temporary mitigations such as disabling or limiting the use of affected network interfaces if feasible. Monitoring kernel logs for unusual errors related to mlx5e and implementing strict access controls to limit unprivileged user access can reduce exploitation risk. Additionally, organizations should maintain robust backup and recovery procedures to mitigate potential denial of service impacts. Coordinating with hardware vendors for firmware updates and driver patches is also recommended to ensure comprehensive remediation.
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Finland, Denmark, Ireland
Technical Details
- Data Version: 5.1
- Assigner Short Name: Linux
- Date Reserved: 2024-03-07T14:49:46.885Z
- CISA Enriched: true
- CVSS Version: null
- State: PUBLISHED
Threat ID: 682d9830c4522896dcbe7247
Added to database: 5/21/2025, 9:09:04 AM
Last enriched: 7/1/2025, 5:27:31 AM
Last updated: 8/18/2025, 11:34:46 PM