CVE-2023-53136

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue is related to a memory leak in the Linux kernel, specifically in the af unix module. The problem arises when queue oob() calls maybe add creds(), which potentially holds a reference on a pid, but skb->destructor is not set. This results in a memory leak when kfree skb() or consume skb() is called. The leak was reported by syzbot and is related to struct pid leaks in OOB support.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.