CVE-2023-54162 — Missing Release of Memory after Effective Lifetime in Linux

7 documents6 sources

Severity

5.3MEDIUM

No vector

EPSS

0.0%

top 92.73%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux

Timeline

PublishedDec 30

Description

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix possible memory leak in smb2_lock() argv needs to be free when setup_async_work fails or when the current process is woken up.

Affected Packages4 packages

▶Linuxlinux/linux_kernel5.15.0 — 5.15.145+2

▶Debianlinux/linux_kernel< 6.1.20-1+2

▶CVEListV5linux/linuxe2f34481b24db2fd634b5edb0a5bd0e4d38cc6e9 — bfe8372ef2dbdce97f13b21d76e2080ddeef5a79+4

▶debiandebian/linux< linux 6.1.20-1 (bookworm)

🔴Vulnerability Details

GHSA

GHSA-gpc8-vf5r-8fj8: In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix possible memory leak in smb2_lock() argv needs to be free when setup_↗2025-12-30

▶

OSV

CVE-2023-54162: In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix possible memory leak in smb2_lock() argv needs to be free when setup_as↗2025-12-30

▶

OSV

ksmbd: fix possible memory leak in smb2_lock()↗2025-12-30

▶

📋Vendor Advisories

Red Hat

kernel: ksmbd: fix possible memory leak in smb2_lock()↗2025-12-30

▶

Debian

CVE-2023-54162: linux - In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix ...↗2023

▶

🕵️Threat Intelligence

Wiz

CVE-2023-54162 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶