CVE-2023-54050Missing Release of Resource after Effective Lifetime in Linux

CWE-772Missing Release of Resource after Effective Lifetime7 documents6 sources
Severity
3.3LOW
No vector
EPSS
0.0%
top 89.30%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedDec 24

Description

In the Linux kernel, the following vulnerability has been resolved: ubifs: Fix memleak when insert_old_idx() failed Following process will cause a memleak for copied up znode: dirty_cow_znode zn = copy_znode(c, znode); err = insert_old_idx(c, zbr->lnum, zbr->offs); if (unlikely(err)) return ERR_PTR(err); // No one refers to zn. Fetch a reproducer in [Link]. Function copy_znode() is split into 2 parts: resource allocation and znode replacement, insert_old_idx() is split in similar way, so re

Affected Packages4 packages

Linuxlinux/linux_kernel2.6.274.19.283+6
Debianlinux/linux_kernel< 5.10.191-1+3
CVEListV5linux/linux1e51764a3c2ac05a23a22b2a95ddee4d9bffb16dcc29c7216d7f057eb0613b97dc38c7e1962a88d2+8
debiandebian/linux< linux 6.1.37-1 (bookworm)

🔴Vulnerability Details

3
GHSA
GHSA-4h8w-644c-qcrw: In the Linux kernel, the following vulnerability has been resolved: ubifs: Fix memleak when insert_old_idx() failed Following process will cause a m2025-12-24
OSV
ubifs: Fix memleak when insert_old_idx() failed2025-12-24
OSV
CVE-2023-54050: In the Linux kernel, the following vulnerability has been resolved: ubifs: Fix memleak when insert_old_idx() failed Following process will cause a mem2025-12-24

📋Vendor Advisories

2
Red Hat
kernel: ubifs: Fix memleak when insert_old_idx() failed2025-12-24
Debian
CVE-2023-54050: linux - In the Linux kernel, the following vulnerability has been resolved: ubifs: Fix ...2023

🕵️Threat Intelligence

1
Wiz
CVE-2023-54050 Impact, Exploitability, and Mitigation Steps | Wiz