CVE-2023-54112 — Missing Release of Memory after Effective Lifetime in Linux
7 documents6 sources
Severity
—N/A
No vectorEPSS
0.0%
top 89.30%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedDec 24
Description
In the Linux kernel, the following vulnerability has been resolved:
kcm: Fix memory leak in error path of kcm_sendmsg()
syzbot reported a memory leak like below:
BUG: memory leak
unreferenced object 0xffff88810b088c00 (size 240):
comm "syz-executor186", pid 5012, jiffies 4294943306 (age 13.680s)
hex dump (first 32 bytes):
00 89 08 0b 81 88 ff ff 00 00 00 00 00 00 00 00 ................
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
backtrace:
[] __alloc_skb+0x1ef/0x230 net/c…
Affected Packages4 packages
▶CVEListV5linux/linuxab7ac4eb9832e32a09f4e8042705484d2fb0aad3 — 8dc7eb757b1652b82725f32e0c89a1e9f6c0e13b+8
🔴Vulnerability Details
3OSV▶
CVE-2023-54112: In the Linux kernel, the following vulnerability has been resolved: kcm: Fix memory leak in error path of kcm_sendmsg() syzbot reported a memory leak↗2025-12-24
GHSA▶
GHSA-2f8x-cwx7-q35r: In the Linux kernel, the following vulnerability has been resolved:
kcm: Fix memory leak in error path of kcm_sendmsg()
syzbot reported a memory lea↗2025-12-24