CVE-2023-54077

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains a memory leak in the ntfs3 filesystem when the ntfs read mft function fails under specific conditions. The issue arises from inconsistencies in setting flags related to directory attributes during the processing of MFT (Master File Table) entries. Specifically, the ATTR ROOT label sets is root to true and NI FLAG DIR, but these states are not always consistent. This can lead to a memory leak because the cleanup function ni clear() frees the wrong memory allocation (ni->file.run instead of ni->dir.alloc run) when NI FLAG DIR is not set. The backtrace indicates the leak occurs during the allocation of memory for directory entries.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.