CVE-2023-54131: Missing Release of Resource after Effective Lifetime in Linux

Severity: 5.5 MEDIUM (no vector)
EPSS: 0.0% (top 92.57%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Dec 24

Description

In the Linux kernel, the following vulnerability has been resolved:

wifi: rt2x00: Fix memory leak when handling surveys

When removing a rt2x00 device, its associated channel surveys are not freed, causing a memory leak observable with kmemleak:

unreferenced object 0xffff9620f0881a00 (size 512):
  comm "systemd-udevd", pid 2290, jiffies 4294906974 (age 33.768s)
  hex dump (first 32 bytes):
    70 44 12 00 00 00 00 00 92 8a 00 00 00 00 00 00  pD..............
    00 00 00 00 00 00 00 00 ab 87 01 00 00 00 00

Affected Packages (4 packages)

Linux | linux/linux_kernel | 5.11.0 | 5.15.111 | +3
Debian | linux/linux_kernel | < 6.1.37-1 | +2
CVEListV5 | linux/linux | 5447626910f5b8d964761ed4fa4feaf1a3ac47d0 | eb77c0c0a17c53d83b5fe8e46490fb0a7ed9e6af | +5
debian | debian/linux | < linux 6.1.37-1 (bookworm)

🔴 Vulnerability Details (3)

GHSA: GHSA-v5xj-7363-557x: In the Linux kernel, the following vulnerability has been resolved: wifi: rt2x00: Fix memory leak when handling surveys When removing a rt2x00 devic (2025-12-24)
OSV: wifi: rt2x00: Fix memory leak when handling surveys (2025-12-24)
OSV: CVE-2023-54131: In the Linux kernel, the following vulnerability has been resolved: wifi: rt2x00: Fix memory leak when handling surveys When removing a rt2x00 device, (2025-12-24)

📋 Vendor Advisories (2)

Red Hat: kernel: Linux kernel rt2x00 Wi-Fi driver: Denial of Service via memory leak during device removal (2025-12-24)
Debian: CVE-2023-54131: linux - In the Linux kernel, the following vulnerability has been resolved: wifi: rt2x0... (2023)

🕵️ Threat Intelligence (1)

Wiz: CVE-2023-54131 Impact, Exploitability, and Mitigation Steps | Wiz