5.5
CVE-2023-53423
- EPSS 0.14%
- Veröffentlicht 18.09.2025 16:15:46
- Zuletzt bearbeitet 14.01.2026 20:16:01
- CVE-Watchlists
- Unerledigt
objtool: Fix memory leak in create_static_call_sections()
In the Linux kernel, the following vulnerability has been resolved: objtool: Fix memory leak in create_static_call_sections() strdup() allocates memory for key_name. We need to release the memory in the following error paths. Add free() to avoid memory leak.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 5.10 < 5.10.173
Linux ≫ Linux Kernel Version >= 5.11 < 5.15.100
Linux ≫ Linux Kernel Version >= 5.16 < 6.1.18
Linux ≫ Linux Kernel Version >= 6.2 < 6.2.5
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.14% | 0.033 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-401 Missing Release of Memory after Effective Lifetime
The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
https://git.kernel.org/stable/c/3a75866a5ceff5d4fdd5471e06c4c4d03e0298b3
https://git.kernel.org/stable/c/3da73f102309fe29150e5c35acd20dd82063ff67
https://git.kernel.org/stable/c/a1368eaea058e451d20ea99ca27e72d9df0d16dd
https://git.kernel.org/stable/c/a8f63d747bf7c983882a5ea7456a5f84ad3acad5
https://git.kernel.org/stable/c/d131718d9c45d559951f57c4b88209ca407433c4