5.5
CVE-2023-53414
- EPSS 0.14%
- Veröffentlicht 18.09.2025 13:58:51
- Zuletzt bearbeitet 14.01.2026 20:15:59
- CVE-Watchlists
- Unerledigt
scsi: snic: Fix memory leak with using debugfs_lookup()
In the Linux kernel, the following vulnerability has been resolved: scsi: snic: Fix memory leak with using debugfs_lookup() When calling debugfs_lookup() the result must have dput() called on it, otherwise the memory will leak over time. To make things simpler, just call debugfs_lookup_and_remove() instead which handles all of the logic at once.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version < 5.15.99
Linux ≫ Linux Kernel Version >= 5.16 < 6.1.16
Linux ≫ Linux Kernel Version >= 6.2 < 6.2.3
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.14% | 0.033 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-401 Missing Release of Memory after Effective Lifetime
The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
https://git.kernel.org/stable/c/5a46d8bdaf03e8a4bb83f0c363326d9aa66cc122
https://git.kernel.org/stable/c/3dec769caf337c55814fbf79ec8c91a3cce23bf3
https://git.kernel.org/stable/c/995424f59ab52fb432b26ccb3abced63745ea041
https://git.kernel.org/stable/c/ad0e4e2fab928477f74d742e6e77d79245d3d3e7