PT-2025-40196 · Linux+2 · Linux Kernel+2

Published: 2023-04-24 · Updated: 2025-10-23 · CVE-2023-53489

CVSS v3.1: 5.5 (Medium)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel (affected versions not specified)

Description

The Linux kernel contained memory leaks related to socket (sk) and zero-copy sk buffs (skbs) when using TX timestamping. The issue was identified through syzkaller reports, which demonstrated memory leaks in UDP sockets and zero-copy skbs. The problem arises from the way skbs are allocated, cloned, and freed during timestamping and zero-copy operations, leading to unreleased reference counts and circular dependencies. Specifically, the cloning of skbs in skb_tstamp_tx() did not properly handle ubuf references, causing a circular dependency. Additionally, previous attempts to address similar issues in TCP were incomplete and could still lead to memory leaks under certain conditions. The memory leaks occur when the original skb is received locally and the cloned skb is queued, potentially leading to unreferenced objects and memory exhaustion.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Missing Release of Resource after Effective Lifetime

Memory Leak

Weakness Enumeration

Related Identifiers

ALSA-2025_16880
BDU:2025-16298
CVE-2023-53489
RHSA-2023:6583
SUSE-SU-2025:03615-1
SUSE-SU-2025:3761-1

Affected Products

Linux Kernel
Red Hat
SUSE