PT-2025-37545 · Linux+3 · Linux Kernel+3

Publicado

2023-07-15

Atualizado

2026-04-14

CVE-2023-53181

CVSS v2.0

6.0

Média

Vetor

AV:L/AC:H/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The dma resv get fences() function in the Linux kernel may leak memory when krealloc array() fails during fence iteration. This occurs because the previously allocated array is not freed, and the returned *fences pointer may point to freed memory, potentially leading to access issues for callers. The issue is resolved by manually freeing the old array and clearing the *fences and *num fences variables.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-834

Identificadores relacionados

BDU:2026-02040

CVE-2023-53181

RHSA-2022:7683

RHSA-2022:8267

RHSA-2024:2394

SUSE-SU-2025:03600-1

SUSE-SU-2025:03615-1

SUSE-SU-2025:03634-1

SUSE-SU-2025:20851-1

SUSE-SU-2025:20861-1

SUSE-SU-2025:20870-1

SUSE-SU-2025:20898-1

SUSE-SU-2025:3751-1

SUSE-SU-2025:3761-1

SUSE-SU-2025:4057-1

SUSE-SU-2025:4132-1

SUSE-SU-2025:4141-1

Produtos afetados

Astra Linux

Linux Kernel

Red Os

Suse

PT-2025-37545 · Linux+3 · Linux Kernel+3

CVE-2023-53181

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 1990