CVE-2023-53611Missing Release of Memory after Effective Lifetime in Linux

CWE-401Missing Release of Memory after Effective LifetimeCWE-771Missing Reference to Active Allocated Resource5 documents5 sources
Severity
5.5MEDIUMNVD
EPSS
0.0%
top 97.11%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedOct 4

Description

In the Linux kernel, the following vulnerability has been resolved: ipmi_si: fix a memleak in try_smi_init() Kmemleak reported the following leak info in try_smi_init(): unreferenced object 0xffff00018ecf9400 (size 1024): comm "modprobe", pid 2707763, jiffies 4300851415 (age 773.308s) backtrace: [] __kmalloc+0x4b8/0x7b0 [] try_smi_init+0x148/0x5dc [ipmi_si] [] 0xffff800081b10148 [] do_one_initcall+0x64/0x2a4 [] do_init_module+0x50/0x300 [] load_module+0x7a8/0x9e0 [] __se_sys_init_module+0x104

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages4 packages

NVDlinux/linux_kernel4.184.19.295+6
Debianlinux/linux_kernel< 5.10.197-1+3
CVEListV5linux/linux7960f18a56475bf2177c5ff56c72eb4c12c56440b9bc8fbb2d416ce87f0342478dc9fcfd79f2c65f+8
debiandebian/linux< linux 6.1.55-1 (bookworm)

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

2
GHSA
GHSA-7r62-fw3j-xjqf: In the Linux kernel, the following vulnerability has been resolved: ipmi_si: fix a memleak in try_smi_init() Kmemleak reported the following leak in2025-10-04
OSV
CVE-2023-53611: In the Linux kernel, the following vulnerability has been resolved: ipmi_si: fix a memleak in try_smi_init() Kmemleak reported the following leak info2025-10-04

📋Vendor Advisories

2
Red Hat
kernel: ipmi_si: fix a memleak in try_smi_init()2025-10-04
Debian
CVE-2023-53611: linux - In the Linux kernel, the following vulnerability has been resolved: ipmi_si: fi...2023