CVE-2023-54134: Missing Release of Resource after Effective Lifetime in Linux

Severity: 5.5 MEDIUM (no vector)
EPSS: 0.0% (top 89.76%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Dec 24

Description

In the Linux kernel, the following vulnerability has been resolved:

autofs: fix memory leak of waitqueues in autofs_catatonic_mode

Syzkaller reports a memory leak:

BUG: memory leak
unreferenced object 0xffff88810b279e00 (size 96):
  comm "syz-executor399", pid 3631, jiffies 4294964921 (age 23.870s)
  hex dump (first 32 bytes):
    00 00 00 00 00 00 00 00 08 9e 27 0b 81 88 ff ff  ..........'.....
    08 9e 27 0b 81 88 ff ff 00 00 00 00 00 00 00 00  ..'.............
  backtrace:
    [] kmalloc_trace+0x20/0x90 mm/s

Affected Packages (4 packages)

Linux | linux/linux_kernel | 2.6.27 | 4.14.326 | +6
Debian | linux/linux_kernel | < 5.10.197-1 | +3
CVEListV5 | linux/linux | 296f7bf78bc5c7a4d772aea580ce800d14040d1a | 1985e8eae8627f02e3364690c5fed7af1c46be55 | +8
debian | debian/linux | < linux 6.1.55-1 (bookworm)

🔴 Vulnerability Details (3)

GHSA | GHSA-8c3j-jg6j-52j2: In the Linux kernel, the following vulnerability has been resolved: autofs: fix memory leak of waitqueues in autofs_catatonic_mode Syzkaller reports | 2025-12-24
OSV | autofs: fix memory leak of waitqueues in autofs_catatonic_mode | 2025-12-24
OSV | CVE-2023-54134: In the Linux kernel, the following vulnerability has been resolved: autofs: fix memory leak of waitqueues in autofs_catatonic_mode Syzkaller reports a | 2025-12-24

📋 Vendor Advisories (2)

Red Hat | kernel: Linux kernel autofs: Denial of Service due to memory leak in autofs_catatonic_mode | 2025-12-24
Debian | CVE-2023-54134: linux - In the Linux kernel, the following vulnerability has been resolved: autofs: fix... | 2023

🕵️ Threat Intelligence (1)

Wiz | CVE-2023-54134 Impact, Exploitability, and Mitigation Steps | Wiz