PT-2025-37545 · Linux+3 · Linux Kernel+3

Published

2023-07-15

Updated

2026-04-14

CVE-2023-53181

CVSS v2.0

6.0

Medium

Vector

AV:L/AC:H/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The dma resv get fences() function in the Linux kernel may leak memory when krealloc array() fails during fence iteration. This occurs because the previously allocated array is not freed, and the returned *fences pointer may point to freed memory, potentially leading to access issues for callers. The issue is resolved by manually freeing the old array and clearing the *fences and *num fences variables.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-834

Related Identifiers

BDU:2026-02040

CVE-2023-53181

RHSA-2022:7683

RHSA-2022:8267

RHSA-2024:2394

SUSE-SU-2025:03600-1

SUSE-SU-2025:03615-1

SUSE-SU-2025:03634-1

SUSE-SU-2025:20851-1

SUSE-SU-2025:20861-1

SUSE-SU-2025:20870-1

SUSE-SU-2025:20898-1

SUSE-SU-2025:3751-1

SUSE-SU-2025:3761-1

SUSE-SU-2025:4057-1

SUSE-SU-2025:4132-1

SUSE-SU-2025:4141-1

Affected Products

Astra Linux

Linux Kernel

Red Os

Suse

PT-2025-37545 · Linux+3 · Linux Kernel+3

CVE-2023-53181

Weakness Enumeration

Related Identifiers

Affected Products

References · 1990