CVE-2023-54003 — Missing Release of Resource after Effective Lifetime in Linux

CWE-772 — Missing Release of Resource after Effective Lifetime7 documents6 sources

Severity

5.5MEDIUM

No vector

EPSS

0.0%

top 89.30%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux

Timeline

PublishedDec 24

Description

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fix GID entry ref leak when create_ah fails If AH create request fails, release sgid_attr to avoid GID entry referrence leak reported while releasing GID table

Affected Packages4 packages

▶Linuxlinux/linux_kernel4.19.0 — 5.4.241+4

▶Debianlinux/linux_kernel< 5.10.178-1+3

▶CVEListV5linux/linux1a1f460ff151710289c2f8d4badd8b603b87d610 — 9c46c49ad3ffe84121715d392b5a0a94f9f10669+6

▶debiandebian/linux< linux 6.1.25-1 (bookworm)

🔴Vulnerability Details

OSV

CVE-2023-54003: In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fix GID entry ref leak when create_ah fails If AH create request fails,↗2025-12-24

▶

GHSA

GHSA-v7fh-fh2g-3493: In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fix GID entry ref leak when create_ah fails If AH create request fail↗2025-12-24

▶

OSV

RDMA/core: Fix GID entry ref leak when create_ah fails↗2025-12-24

▶

📋Vendor Advisories

Red Hat

kernel: Linux kernel: RDMA/core GID entry leak causes Denial of Service↗2025-12-24

▶

Debian

CVE-2023-54003: linux - In the Linux kernel, the following vulnerability has been resolved: RDMA/core: ...↗2023

▶

🕵️Threat Intelligence

Wiz

CVE-2023-54003 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶