CVE-2023-53716

EPSS 0.04%
Veröffentlicht 22.10.2025 13:23:49
Zuletzt bearbeitet 22.10.2025 21:12:48
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

net: fix skb leak in __skb_tstamp_tx()

Commit 50749f2dd685 ("tcp/udp: Fix memleaks of sk and zerocopy skbs with
TX timestamp.") added a call to skb_orphan_frags_rx() to fix leaks with
zerocopy skbs. But it ended up adding a leak of its own. When
skb_orphan_frags_rx() fails, the function just returns, leaking the skb
it just cloned. Free it before returning.

This bug was discovered and resolved using Coverity Static Analysis
Security Testing (SAST) by Synopsys, Inc.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 11

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 82501f1ead557cbee1c2467654ec109a80334d22

Version 281072fb2a7294cde7acbf5375b879f40a8001b7

Status affected

Version < 779332447108545ef04682ea29af5f85c0202aee

Version 1f69c086b20e27763af28145981435423f088268

Status affected

Version < 58766252f6b2c0487cda6976a53d2bb03ae28e2a

Version 602fa8af44fd55a58f9e94eb673e8adad2c6cc46

Status affected

Version < a594382ec6d0cc8cff5a8bc7e61b54e3858fb243

Version 230a5ed7d813fb516de81d23f09d7506753e41e9

Status affected

Version < e06841a2abf9c82735cee39e88b1d79464088840

Version 43e4197dd5f6b474a8b16f8b6a42cd45cf4f9d1a

Status affected

Version < cc18b4685910d5d9de8314bae9c55790701b1811

Version cb52e7f24c1d01a536a847dff0d1d95889cc3b5c

Status affected

Version < f4d928c00254cfc9dd0ee7076f4a59bceec675f4

Version 426384dd4980040651536fef5feac4dcc4d7ee4e

Status affected

Version < 8a02fb71d7192ff1a9a47c9d937624966c6e09af

Version 50749f2dd6854a41830996ad302aef2ffaf011d8

Status affected

Version 30290f210ba7426ff7592fe2eb4114b1b5bad219

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 4.14.316

Version 4.14.315

Status affected

Version < 4.19.284

Version 4.19.283

Status affected

Version < 5.4.244

Version 5.4.243

Status affected

Version < 5.10.181

Version 5.10.180

Status affected

Version < 5.15.114

Version 5.15.111

Status affected

Version < 6.1.31

Version 6.1.28

Status affected

Version < 6.3.5

Version 6.3.2

Status affected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.04%	0.096

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

https://git.kernel.org/stable/c/82501f1ead557cbee1c2467654ec109a80334d22

https://git.kernel.org/stable/c/779332447108545ef04682ea29af5f85c0202aee

https://git.kernel.org/stable/c/58766252f6b2c0487cda6976a53d2bb03ae28e2a

https://git.kernel.org/stable/c/a594382ec6d0cc8cff5a8bc7e61b54e3858fb243

https://git.kernel.org/stable/c/e06841a2abf9c82735cee39e88b1d79464088840

https://git.kernel.org/stable/c/cc18b4685910d5d9de8314bae9c55790701b1811

https://git.kernel.org/stable/c/f4d928c00254cfc9dd0ee7076f4a59bceec675f4

https://git.kernel.org/stable/c/8a02fb71d7192ff1a9a47c9d937624966c6e09af

https://nvd.nist.gov/vuln/detail/CVE-2023-53716

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-53716

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-53716

EUVD