-

CVE-2023-54050

EPSS 0.04%
Veröffentlicht 24.12.2025 12:23:00
Zuletzt bearbeitet 29.12.2025 15:58:34
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

ubifs: Fix memleak when insert_old_idx() failed

Following process will cause a memleak for copied up znode:

dirty_cow_znode
  zn = copy_znode(c, znode);
  err = insert_old_idx(c, zbr->lnum, zbr->offs);
  if (unlikely(err))
     return ERR_PTR(err);   // No one refers to zn.

Fetch a reproducer in [Link].

Function copy_znode() is split into 2 parts: resource allocation
and znode replacement, insert_old_idx() is split in similar way,
so resource cleanup could be done in error handling path without
corrupting metadata(mem & disk).
It's okay that old index inserting is put behind of add_idx_dirt(),
old index is used in layout_leb_in_gaps(), so the two processes do
not depend on each other.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 11

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < cc29c7216d7f057eb0613b97dc38c7e1962a88d2

Version 1e51764a3c2ac05a23a22b2a95ddee4d9bffb16d

Status affected

Version < 6f2eee5457bc48b0426dedfd78cdbdea241a6edb

Version 1e51764a3c2ac05a23a22b2a95ddee4d9bffb16d

Status affected

Version < 66e9f2fb3e753f820bec2a98e8c6387029988320

Version 1e51764a3c2ac05a23a22b2a95ddee4d9bffb16d

Status affected

Version < 3ae75f82c33fa1b4ca2006b55c84f4ef4a428d4d

Version 1e51764a3c2ac05a23a22b2a95ddee4d9bffb16d

Status affected

Version < ef9aac603659e9ffe7d69ae16e3f0fc0991a965b

Version 1e51764a3c2ac05a23a22b2a95ddee4d9bffb16d

Status affected

Version < 79079cebbeed624b9d01cfcf1e3254ae1a1f6e14

Version 1e51764a3c2ac05a23a22b2a95ddee4d9bffb16d

Status affected

Version < a6da0ab9847779e05a7416c7a98148b549de69ef

Version 1e51764a3c2ac05a23a22b2a95ddee4d9bffb16d

Status affected

Version < b5fda08ef213352ac2df7447611eb4d383cce929

Version 1e51764a3c2ac05a23a22b2a95ddee4d9bffb16d

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 2.6.27

Status affected

Version < 2.6.27

Version 0

Status unaffected

Version <= 4.19.*

Version 4.19.283

Status unaffected

Version <= 5.4.*

Version 5.4.243

Status unaffected

Version <= 5.10.*

Version 5.10.180

Status unaffected

Version <= 5.15.*

Version 5.15.111

Status unaffected

Version <= 6.1.*

Version 6.1.28

Status unaffected

Version <= 6.2.*

Version 6.2.15

Status unaffected

Version <= 6.3.*

Version 6.3.2

Status unaffected

Version <= *

Version 6.4

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.04%	0.1

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/cc29c7216d7f057eb0613b97dc38c7e1962a88d2

https://git.kernel.org/stable/c/6f2eee5457bc48b0426dedfd78cdbdea241a6edb

https://git.kernel.org/stable/c/66e9f2fb3e753f820bec2a98e8c6387029988320

https://git.kernel.org/stable/c/3ae75f82c33fa1b4ca2006b55c84f4ef4a428d4d

https://git.kernel.org/stable/c/ef9aac603659e9ffe7d69ae16e3f0fc0991a965b

https://git.kernel.org/stable/c/79079cebbeed624b9d01cfcf1e3254ae1a1f6e14

https://git.kernel.org/stable/c/a6da0ab9847779e05a7416c7a98148b549de69ef

https://git.kernel.org/stable/c/b5fda08ef213352ac2df7447611eb4d383cce929

https://nvd.nist.gov/vuln/detail/CVE-2023-54050

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-54050

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-54050

EUVD