- CVE-2023-53271
- EPSS 0.03%
- Published 16.09.2025 08:07:00
- Last modified 16.09.2025 12:49:16
- Source 416baaa9-dc9f-4396-8d5f-8c081f
In the Linux kernel, the following vulnerability has been resolved:

ubi: Fix unreferenced object reported by kmemleak in ubi_resize_volume()

There is a memory leak problem reported by kmemleak:

    unreferenced object 0xffff888102007a00 (size 128):
      comm "ubirsvol", pid 32090, jiffies 4298464136 (age 2361.231s)
      hex dump (first 32 bytes):
        ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ................
        ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ................
      backtrace:
        [<ffffffff8176cecd>] __kmalloc+0x4d/0x150
        [<ffffffffa02a9a36>] ubi_eba_create_table+0x76/0x170 [ubi]
        [<ffffffffa029764e>] ubi_resize_volume+0x1be/0xbc0 [ubi]
        [<ffffffffa02a3321>] ubi_cdev_ioctl+0x701/0x1850 [ubi]
        [<ffffffff81975d2d>] __x64_sys_ioctl+0x11d/0x170
        [<ffffffff83c142a5>] do_syscall_64+0x35/0x80
        [<ffffffff83e0006a>] entry_SYSCALL_64_after_hwframe+0x46/0xb0

This is due to a mismatch between create and destroy interfaces: in detail, "new_eba_tbl" is created by ubi_eba_create_table() but destroyed by kfree(), which causes "new_eba_tbl->entries" not to be freed.

Fix it by replacing kfree(new_eba_tbl) with ubi_eba_destroy_table(new_eba_tbl).
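The create/destroy mismatch described above, reduced to a user-space C model (an added example, not the kernel's code). The allocation counter stands in for kmemleak; the struct layout and the helpers `model_alloc`, `model_free`, `eba_create_table`, `eba_destroy_table` and `resize_cleanup` are assumptions made for illustration.

```c
#include <stdlib.h>

/* User-space model: names follow the advisory; struct layout is assumed. */
struct ubi_eba_entry { int pnum; };
struct ubi_eba_table { struct ubi_eba_entry *entries; };

static int live_allocs; /* outstanding allocations, stands in for kmemleak */

static void *model_alloc(size_t n)
{
    void *p = malloc(n);
    if (p) live_allocs++;
    return p;
}

static void model_free(void *p) /* models kfree(): releases one object only */
{
    if (p) live_allocs--;
    free(p);
}

/* Create interface: two allocations, the table and its entries array. */
static struct ubi_eba_table *eba_create_table(size_t nentries)
{
    struct ubi_eba_table *tbl = model_alloc(sizeof(*tbl));
    if (!tbl) return NULL;
    tbl->entries = model_alloc(nentries * sizeof(*tbl->entries));
    if (!tbl->entries) { model_free(tbl); return NULL; }
    return tbl;
}

/* Matching destroy interface: frees the inner array, then the table. */
static void eba_destroy_table(struct ubi_eba_table *tbl)
{
    if (!tbl) return;
    model_free(tbl->entries);
    model_free(tbl);
}

/* Returns how many allocations are still live after cleanup (0 = no leak). */
static int resize_cleanup(size_t nentries, int use_destroy)
{
    int before = live_allocs;
    struct ubi_eba_table *new_eba_tbl = eba_create_table(nentries);
    if (!new_eba_tbl) return -1;
    if (use_destroy) eba_destroy_table(new_eba_tbl); /* fixed cleanup */
    else model_free(new_eba_tbl);    /* pre-fix: models kfree(new_eba_tbl) */
    return live_allocs - before;
}
```

With 32 four-byte entries, the array left behind by the pre-fix cleanup is 128 bytes, the same size as the object in the kmemleak report.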
Data is provided by the CVE Program from a CVE Numbering Authority (CNA) (unstructured).

Vendor: Linux
Product: Linux
Default status: unaffected

Version < | Version | Status |
---|---|---|
09780a44093b53f9cbca76246af2e4ff0884e512 | 799dca34ac543485f581bd8464ec9b1c4f0f852a | affected |
26ec2d66aecab8ff997b912c20247fedba4f5740 | 799dca34ac543485f581bd8464ec9b1c4f0f852a | affected |
07b60f7452d2fa731737552937cb81821919f874 | 799dca34ac543485f581bd8464ec9b1c4f0f852a | affected |
31d60afe2cc2b712dbefcaab6b7d6a47036f844e | 799dca34ac543485f581bd8464ec9b1c4f0f852a | affected |
95a72417dd13ebcdcb1bd0c5d4d15f7c5bfbb288 | 799dca34ac543485f581bd8464ec9b1c4f0f852a | affected |
27b760b81951d8d5e5c952a696af8574052b0709 | 799dca34ac543485f581bd8464ec9b1c4f0f852a | affected |
5c0c81a313492b83bd0c038b8839b0e04eb87563 | 799dca34ac543485f581bd8464ec9b1c4f0f852a | affected |
1e591ea072df7211f64542a09482b5f81cb3ad27 | 799dca34ac543485f581bd8464ec9b1c4f0f852a | affected |

Vendor: Linux
Product: Linux
Default status: affected

Bound | Version | Status |
---|---|---|
| 4.9 | affected |
< 4.9 | 0 | unaffected |
<= 4.14.* | 4.14.308 | unaffected |
<= 4.19.* | 4.19.276 | unaffected |
<= 5.4.* | 5.4.235 | unaffected |
<= 5.10.* | 5.10.173 | unaffected |
<= 5.15.* | 5.15.100 | unaffected |
<= 6.1.* | 6.1.18 | unaffected |
<= 6.2.* | 6.2.5 | unaffected |
<= * | 6.3 | unaffected |

No CISA KEV or CERT.AT warning was found for this CVE.

Type | Source | Score | Percentile |
---|---|---|---|
EPSS | FIRST.org | 0.03% | 0.078 |

Source | Base Score | Exploit Score | Impact Score | Vector String |
---|---|---|---|---|