CVE-2023-54146

In the Linux kernel, the following vulnerability has been resolved:

x86/kexec: Fix double-free of elf header buffer

After

  b3e34a47f989 ("x86/kexec: fix memory leak of elf header buffer"),

freeing image->elf_headers in the error path of crash_load_segments()
is not needed because kimage_file_post_load_cleanup() will take
care of that later. And not clearing it could result in a double-free.

Drop the superfluous vfree() call at the error path of
crash_load_segments().
Data is provided by the CVE Program from a CVE Numbering Authority (CNA) (unstructured).

Vendor: Linux
Product: Linux
Default status: unaffected

| Version | Upper bound | Status |
| --- | --- | --- |
| 23cf39dccf7653650701a6f39b119e9116a27f1a | < 4c71a552b97fb4f46eb300224434fe56fcf4f254 | affected |
| 8765a423a87d74ef24ea02b43b2728fe4039f248 | < 554a880a1fff46dd5a355dec21cd77d542a0ddf2 | affected |
| b3e34a47f98974d0844444c5121aaff123004e57 | < fbdbf8ac333d3d47c0d9ea81d7d445654431d100 | affected |
| b3e34a47f98974d0844444c5121aaff123004e57 | < 5bd3c7abeb69fb4133418b846a1c6dc11313d6f0 | affected |
| b3e34a47f98974d0844444c5121aaff123004e57 | < d00dd2f2645dca04cf399d8fc692f3f69b6dd996 | affected |
| 115ee42a4c2f26ba2b4ace2668a3f004621f6833 | | affected |
| f675e3a9189d84a9324ab45b0cb19906c2bc8fcb | | affected |

Vendor: Linux
Product: Linux
Default status: affected

| Version | Upper bound | Status |
| --- | --- | --- |
| 5.19 | | affected |
| 0 | < 5.19 | unaffected |
| 5.15.87 | <= 5.15.* | unaffected |
| 6.0.19 | <= 6.0.* | unaffected |
| 6.1.5 | <= 6.1.* | unaffected |
| 6.2 | <= * | unaffected |

No CISA KEV entry or CERT.AT warning was found for this CVE.

EPSS metrics

| Type | Source | Score | Percentile |
| --- | --- | --- | --- |
| EPSS | FIRST.org | 0.03% | 0.065 |

CVSS metrics

| Source | Base Score | Exploit Score | Impact Score | Vector String |
| --- | --- | --- | --- | --- |

No CWE information has been published yet.