PT-2024-8277 · Linux+5 · Linux Kernel+5

Xiaolei Wang

Published

2023-12-18

Updated

2025-03-28

CVE-2023-52670

CVSS v3.1

6.6

Medium

Vector

AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The vulnerability is related to a memory leak in the Linux kernel's virtio component. Specifically, the issue occurs when the rpmsg remove() function is called without freeing the driver override memory, leading to an unreferenced object. This can cause a memory leak, potentially resulting in a denial-of-service condition. The vulnerability is exploited by causing the rpmsg remove() function to be called without properly freeing the driver override memory.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Memory Leak

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-401

Related Identifiers

AZL-63107

BDU:2024-09830

CVE-2023-52670

DLA-3840-1

DLA-3842-1

OESA-2024-1737

OESA-2024-1738

OESA-2024-1767

OPENSUSE-SU-2024_2372-1

OPENSUSE-SU-2024_2394-1

SUSE-SU-2024:2135-1

SUSE-SU-2024:2203-1

SUSE-SU-2024:2372-1

SUSE-SU-2024:2385-1

SUSE-SU-2024:2394-1

SUSE-SU-2024:2495-1

SUSE-SU-2024:2939-1

SUSE-SU-2024:2973-1

SUSE-SU-2025:20008-1

SUSE-SU-2025:20028-1

SUSE-SU-2025:20166-1

SUSE-SU-2025:20249-1

USN-6818-1

USN-6818-2

USN-6818-3

USN-6818-4

USN-6819-1

USN-6819-2

USN-6819-3

USN-6819-4

Affected Products

Astra Linux

Linuxmint

Linux Kernel

Red Os

Suse

Ubuntu

PT-2024-8277 · Linux+5 · Linux Kernel+5

CVE-2023-52670

Weakness Enumeration

Related Identifiers

Affected Products

References · 3727