-

CVE-2023-53746

EPSS 0.02%
Veröffentlicht 08.12.2025 01:19:05
Zuletzt bearbeitet 08.12.2025 18:26:19
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

s390/vfio-ap: fix memory leak in vfio_ap device driver

The device release callback function invoked to release the matrix device
uses the dev_get_drvdata(device *dev) function to retrieve the
pointer to the vfio_matrix_dev object in order to free its storage. The
problem is, this object is not stored as drvdata with the device; since the
kfree function will accept a NULL pointer, the memory for the
vfio_matrix_dev object is never freed.

Since the device being released is contained within the vfio_matrix_dev
object, the container_of macro will be used to retrieve its pointer.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 9

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 5195de1d5f66b276683240a896783f7f43c4f664

Version 1fde573413b549d52183382e639c1d6ce88f5959

Status affected

Version < ee17dea3072dec0bc34399a32fa884e26342e4ea

Version 1fde573413b549d52183382e639c1d6ce88f5959

Status affected

Version < aa2bff25e9bb10c935c7ffe3d5f5975bdccb1749

Version 1fde573413b549d52183382e639c1d6ce88f5959

Status affected

Version < 6a40fda14b4be3e38f03cc42ffd4efbc64fb3e67

Version 1fde573413b549d52183382e639c1d6ce88f5959

Status affected

Version < 7b6a02f5bf15931464c79dfd487c57f76aae3496

Version 1fde573413b549d52183382e639c1d6ce88f5959

Status affected

Version < 8f8cf767589f2131ae5d40f3758429095c701c84

Version 1fde573413b549d52183382e639c1d6ce88f5959

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 4.20

Status affected

Version < 4.20

Version 0

Status unaffected

Version <= 5.4.*

Version 5.4.240

Status unaffected

Version <= 5.10.*

Version 5.10.177

Status unaffected

Version <= 5.15.*

Version 5.15.106

Status unaffected

Version <= 6.1.*

Version 6.1.23

Status unaffected

Version <= 6.2.*

Version 6.2.10

Status unaffected

Version <= *

Version 6.3

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.02%	0.057

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

https://git.kernel.org/stable/c/5195de1d5f66b276683240a896783f7f43c4f664

https://git.kernel.org/stable/c/ee17dea3072dec0bc34399a32fa884e26342e4ea

https://git.kernel.org/stable/c/aa2bff25e9bb10c935c7ffe3d5f5975bdccb1749

https://git.kernel.org/stable/c/6a40fda14b4be3e38f03cc42ffd4efbc64fb3e67

https://git.kernel.org/stable/c/7b6a02f5bf15931464c79dfd487c57f76aae3496

https://git.kernel.org/stable/c/8f8cf767589f2131ae5d40f3758429095c701c84

https://nvd.nist.gov/vuln/detail/CVE-2023-53746

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-53746

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-53746

EUVD