CVE-2023-54194Allocation of Resources Without Limits or Throttling in Linux

CWE-770Allocation of Resources Without Limits or Throttling7 documents6 sources
Severity
3.3LOW
No vector
EPSS
0.0%
top 92.57%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedDec 30

Description

In the Linux kernel, the following vulnerability has been resolved: exfat: use kvmalloc_array/kvfree instead of kmalloc_array/kfree The call stack shown below is a scenario in the Linux 4.19 kernel. Allocating memory failed where exfat fs use kmalloc_array due to system memory fragmentation, while the u-disk was inserted without recognition. Devices such as u-disk using the exfat file system are pluggable and may be insert into the system at any time. However, long-term running systems cannot

Affected Packages4 packages

Linuxlinux/linux_kernel5.7.05.10.190+3
Debianlinux/linux_kernel< 5.10.191-1+3
CVEListV5linux/linux1e49a94cf707204b66a3fb242f2814712c941f5279d16a84ea41272dfcb0c00f9798ddd0edd8098d+5
debiandebian/linux< linux 6.1.52-1 (bookworm)

🔴Vulnerability Details

3
GHSA
GHSA-f8mj-mr8j-j44m: In the Linux kernel, the following vulnerability has been resolved: exfat: use kvmalloc_array/kvfree instead of kmalloc_array/kfree The call stack s2025-12-30
OSV
exfat: use kvmalloc_array/kvfree instead of kmalloc_array/kfree2025-12-30
OSV
CVE-2023-54194: In the Linux kernel, the following vulnerability has been resolved: exfat: use kvmalloc_array/kvfree instead of kmalloc_array/kfree The call stack sho2025-12-30

📋Vendor Advisories

2
Red Hat
kernel: exfat: use kvmalloc_array/kvfree instead of kmalloc_array/kfree2025-12-30
Debian
CVE-2023-54194: linux - In the Linux kernel, the following vulnerability has been resolved: exfat: use ...2023

🕵️Threat Intelligence

1
Wiz
CVE-2023-54194 Impact, Exploitability, and Mitigation Steps | Wiz