CVE-2023-54091Missing Release of Resource after Effective Lifetime in Linux

CWE-772Missing Release of Resource after Effective Lifetime7 documents6 sources
Severity
5.5MEDIUM
No vector
EPSS
0.0%
top 89.30%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedDec 24

Description

In the Linux kernel, the following vulnerability has been resolved: drm/client: Fix memory leak in drm_client_target_cloned dmt_mode is allocated and never freed in this function. It was found with the ast driver, but most drivers using generic fbdev setup are probably affected. This fixes the following kmemleak report: backtrace: [] drm_mode_duplicate+0x45/0x220 [drm] [] drm_client_target_cloned.constprop.0+0x27b/0x480 [drm] [] drm_client_modeset_probe+0x6bd/0xf50 [drm] [] __drm_fb_helper_in

Affected Packages4 packages

Linuxlinux/linux_kernel2.6.354.14.322+6
Debianlinux/linux_kernel< 5.10.191-1+3
CVEListV5linux/linux1d42bbc8f7f9ce4d852692ef7aa336b133b0830ad3009700f48602b557eade1f22c98b6bc20247e8+8
debiandebian/linux< linux 6.1.52-1 (bookworm)

🔴Vulnerability Details

3
OSV
CVE-2023-54091: In the Linux kernel, the following vulnerability has been resolved: drm/client: Fix memory leak in drm_client_target_cloned dmt_mode is allocated and2025-12-24
OSV
drm/client: Fix memory leak in drm_client_target_cloned2025-12-24
GHSA
GHSA-h228-354g-ppq4: In the Linux kernel, the following vulnerability has been resolved: drm/client: Fix memory leak in drm_client_target_cloned dmt_mode is allocated an2025-12-24

📋Vendor Advisories

2
Red Hat
kernel: Linux kernel: Denial of Service due to memory leak in drm_client_target_cloned function2025-12-24
Debian
CVE-2023-54091: linux - In the Linux kernel, the following vulnerability has been resolved: drm/client:...2023

🕵️Threat Intelligence

1
Wiz
CVE-2023-54091 Impact, Exploitability, and Mitigation Steps | Wiz