CVE-2023-54115

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains a memory leak in the nonstatic release resource db() function within the PCMCIA subsystem. When this function frees resources associated with a PCMCIA socket, it fails to free the socket data structure, leading to a memory leak. This issue was observed using kmemleak and can be triggered by manually binding and unbinding the yenta cardbus driver (specifically the yenta socket). The backtrace indicates involvement of functions like kmem cache alloc node, kmalloc trace, nonstatic init, pcmcia register socket, yenta probe, pci device probe, and others related to driver probing and device attachment.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.