CVE-2023-53441Missing Release of Memory after Effective Lifetime in Linux

CWE-401Missing Release of Memory after Effective LifetimeCWE-772Missing Release of Resource after Effective Lifetime5 documents5 sources
Severity
5.5MEDIUMNVD
EPSS
0.0%
top 95.55%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedSep 18

Description

In the Linux kernel, the following vulnerability has been resolved: bpf: cpumap: Fix memory leak in cpu_map_update_elem Syzkaller reported a memory leak as follows: BUG: memory leak unreferenced object 0xff110001198ef748 (size 192): comm "syz-executor.3", pid 17672, jiffies 4298118891 (age 9.906s) hex dump (first 32 bytes): 00 00 00 00 4a 19 00 00 80 ad e3 e4 fe ff c0 00 ....J........... 00 b2 d3 0c 01 00 11 ff 28 f5 8e 19 01 00 11 ff ........(....... backtrace: [] __cpu_map_entry_alloc+0xf7/

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages4 packages

NVDlinux/linux_kernel4.155.15.121+3
Debianlinux/linux_kernel< 6.1.52-1+2
CVEListV5linux/linux6710e1126934d8b4372b4d2f9ae1646cd3f151bfd26299f50f5ea8f0aeb5d49e659c31f64233c816+4
debiandebian/linux< linux 6.1.52-1 (bookworm)

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

2
OSV
CVE-2023-53441: In the Linux kernel, the following vulnerability has been resolved: bpf: cpumap: Fix memory leak in cpu_map_update_elem Syzkaller reported a memory le2025-09-18
GHSA
GHSA-67mx-9px6-mhwv: In the Linux kernel, the following vulnerability has been resolved: bpf: cpumap: Fix memory leak in cpu_map_update_elem Syzkaller reported a memory2025-09-18

📋Vendor Advisories

2
Red Hat
kernel: bpf: cpumap: Fix memory leak in cpu_map_update_elem2025-09-18
Debian
CVE-2023-53441: linux - In the Linux kernel, the following vulnerability has been resolved: bpf: cpumap...2023
CVE-2023-53441 — Linux vulnerability | cvebase