-

CVE-2023-54091

EPSS 0.04%
Veröffentlicht 24.12.2025 13:06:20
Zuletzt bearbeitet 29.12.2025 15:58:34
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

drm/client: Fix memory leak in drm_client_target_cloned

dmt_mode is allocated and never freed in this function.
It was found with the ast driver, but most drivers using generic fbdev
setup are probably affected.

This fixes the following kmemleak report:
  backtrace:
    [<00000000b391296d>] drm_mode_duplicate+0x45/0x220 [drm]
    [<00000000e45bb5b3>] drm_client_target_cloned.constprop.0+0x27b/0x480 [drm]
    [<00000000ed2d3a37>] drm_client_modeset_probe+0x6bd/0xf50 [drm]
    [<0000000010e5cc9d>] __drm_fb_helper_initial_config_and_unlock+0xb4/0x2c0 [drm_kms_helper]
    [<00000000909f82ca>] drm_fbdev_client_hotplug+0x2bc/0x4d0 [drm_kms_helper]
    [<00000000063a69aa>] drm_client_register+0x169/0x240 [drm]
    [<00000000a8c61525>] ast_pci_probe+0x142/0x190 [ast]
    [<00000000987f19bb>] local_pci_probe+0xdc/0x180
    [<000000004fca231b>] work_for_cpu_fn+0x4e/0xa0
    [<0000000000b85301>] process_one_work+0x8b7/0x1540
    [<000000003375b17c>] worker_thread+0x70a/0xed0
    [<00000000b0d43cd9>] kthread+0x29f/0x340
    [<000000008d770833>] ret_from_fork+0x1f/0x30
unreferenced object 0xff11000333089a00 (size 128):

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 11

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < d3009700f48602b557eade1f22c98b6bc20247e8

Version 1d42bbc8f7f9ce4d852692ef7aa336b133b0830a

Status affected

Version < a4b978249e8fa94956fce8b70a709f7797716f62

Version 1d42bbc8f7f9ce4d852692ef7aa336b133b0830a

Status affected

Version < 52daf6ba2e0d201640cb1ce42049c5c4426b4d6e

Version 1d42bbc8f7f9ce4d852692ef7aa336b133b0830a

Status affected

Version < 105275879a80503686a8108af2f5c579a1c5aef4

Version 1d42bbc8f7f9ce4d852692ef7aa336b133b0830a

Status affected

Version < a85e23a1ef63e45a18f0a30d7816fcb4a865ca95

Version 1d42bbc8f7f9ce4d852692ef7aa336b133b0830a

Status affected

Version < b5359d7a5087ac398fc429da6833133b4784c268

Version 1d42bbc8f7f9ce4d852692ef7aa336b133b0830a

Status affected

Version < 4b596a6e2d2e0f9c14e4122506dd715f43fcd727

Version 1d42bbc8f7f9ce4d852692ef7aa336b133b0830a

Status affected

Version < c2a88e8bdf5f6239948d75283d0ae7e0c7945b03

Version 1d42bbc8f7f9ce4d852692ef7aa336b133b0830a

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 2.6.35

Status affected

Version < 2.6.35

Version 0

Status unaffected

Version <= 4.14.*

Version 4.14.322

Status unaffected

Version <= 4.19.*

Version 4.19.291

Status unaffected

Version <= 5.4.*

Version 5.4.251

Status unaffected

Version <= 5.10.*

Version 5.10.188

Status unaffected

Version <= 5.15.*

Version 5.15.123

Status unaffected

Version <= 6.1.*

Version 6.1.42

Status unaffected

Version <= 6.4.*

Version 6.4.7

Status unaffected

Version <= *

Version 6.5

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.04%	0.1

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/d3009700f48602b557eade1f22c98b6bc20247e8

https://git.kernel.org/stable/c/a4b978249e8fa94956fce8b70a709f7797716f62

https://git.kernel.org/stable/c/52daf6ba2e0d201640cb1ce42049c5c4426b4d6e

https://git.kernel.org/stable/c/105275879a80503686a8108af2f5c579a1c5aef4

https://git.kernel.org/stable/c/a85e23a1ef63e45a18f0a30d7816fcb4a865ca95

https://git.kernel.org/stable/c/b5359d7a5087ac398fc429da6833133b4784c268

https://git.kernel.org/stable/c/4b596a6e2d2e0f9c14e4122506dd715f43fcd727

https://git.kernel.org/stable/c/c2a88e8bdf5f6239948d75283d0ae7e0c7945b03

https://nvd.nist.gov/vuln/detail/CVE-2023-54091

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-54091

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-54091

EUVD