CVE-2023-54064 — Missing Release of Memory after Effective Lifetime in Linux

7 documents6 sources

Severity

5.5MEDIUM

No vector

EPSS

0.0%

top 89.30%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux

Timeline

PublishedDec 24

Description

In the Linux kernel, the following vulnerability has been resolved: ipmi:ssif: Fix a memory leak when scanning for an adapter The adapter scan ssif_info_find() sets info->adapter_name if the adapter info came from SMBIOS, as it's not set in that case. However, this function can be called more than once, and it will leak the adapter name if it had already been set. So check for NULL before setting it.

Affected Packages4 packages

▶Linuxlinux/linux_kernel5.4.0 — 5.4.257+5

▶Debianlinux/linux_kernel< 5.10.197-1+3

▶CVEListV5linux/linuxc4436c9149c5d2bc0c49ab57ec85c75ea1c4d61c — de677f4379fa67f650e367c188a0f80bee9b6732+7

▶debiandebian/linux< linux 6.1.55-1 (bookworm)

🔴Vulnerability Details

OSV

CVE-2023-54064: In the Linux kernel, the following vulnerability has been resolved: ipmi:ssif: Fix a memory leak when scanning for an adapter The adapter scan ssif_in↗2025-12-24

▶

GHSA

GHSA-5xvr-xv5p-xjpr: In the Linux kernel, the following vulnerability has been resolved: ipmi:ssif: Fix a memory leak when scanning for an adapter The adapter scan ssif_↗2025-12-24

▶

OSV

ipmi:ssif: Fix a memory leak when scanning for an adapter↗2025-12-24

▶

📋Vendor Advisories

Red Hat

kernel: ipmi:ssif: Fix a memory leak when scanning for an adapter↗2025-12-24

▶

Debian

CVE-2023-54064: linux - In the Linux kernel, the following vulnerability has been resolved: ipmi:ssif: ...↗2023

▶

🕵️Threat Intelligence

Wiz

CVE-2023-54064 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶