A vulnerability was found in Linux Kernel where, a memory leak in the mlx5_fpga_conn_create_cq() function in drivers/net/ethernet/mellanox/mlx5/core/fpga/conn.c allows attackers to cause a denial of service (memory consumption) by triggering mlx5_vector2eqn() failures.
Created kernel tracking bugs for this issue:
Affects: fedora-all [bug 1774984]
This was fixed for Fedora with the 5.3.11 stable kernel update.
In order to mitigate this issue it is possible to prevent the affected code from being loaded by blacklisting the kernel module mlx5_core. For instructions relating to how to blacklist a kernel module refer to: https://access.redhat.com/solutions/41278 .
This issue is rated as having Moderate impact because of the privileges needed to trigger the resource cleanup code path.