CVE-2023-52653

Source
https://nvd.nist.gov/vuln/detail/CVE-2023-52653
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-52653.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2023-52653
Downstream
Related
Published
2024-05-01T13:04:02Z
Modified
2025-10-08T16:32:38.886047Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
SUNRPC: fix a memleak in gss_import_v2_context
Details

In the Linux kernel, the following vulnerability has been resolved:

SUNRPC: fix a memleak in gssimportv2_context

The ctx->mechused.data allocated by kmemdup is not freed in neither gssimportv2context nor it only caller gsskrb5importseccontext, which frees ctx on error.

Thus, this patch reform the last call of gssimportv2context to the gsskrb5importctx_v2, preventing the memleak while keepping the return formation.

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
47d84807762966c3611c38adecec6ea703ddda7a
Fixed
99044c01ed5329e73651c054d8a4baacdbb1a27c
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
47d84807762966c3611c38adecec6ea703ddda7a
Fixed
47ac11db93e74ac49cd6c3fc69bcbc5964c4a8b4
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
47d84807762966c3611c38adecec6ea703ddda7a
Fixed
d111e30d9cd846bb368faf3637dc0f71fcbcf822
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
47d84807762966c3611c38adecec6ea703ddda7a
Fixed
e67b652d8e8591d3b1e569dbcdfcee15993e91fa

Affected versions

v2.*

v2.6.34
v2.6.35
v2.6.35-rc1
v2.6.35-rc2
v2.6.35-rc3
v2.6.35-rc4
v2.6.35-rc5
v2.6.35-rc6
v2.6.36
v2.6.36-rc1
v2.6.36-rc2
v2.6.36-rc3
v2.6.36-rc4
v2.6.36-rc5
v2.6.36-rc6
v2.6.36-rc7
v2.6.36-rc8
v2.6.37
v2.6.37-rc1
v2.6.37-rc2
v2.6.37-rc3
v2.6.37-rc4
v2.6.37-rc5
v2.6.37-rc6
v2.6.37-rc7
v2.6.37-rc8
v2.6.38
v2.6.38-rc1
v2.6.38-rc2
v2.6.38-rc3
v2.6.38-rc4
v2.6.38-rc5
v2.6.38-rc6
v2.6.38-rc7
v2.6.38-rc8
v2.6.39
v2.6.39-rc1
v2.6.39-rc2
v2.6.39-rc3
v2.6.39-rc4
v2.6.39-rc5
v2.6.39-rc6
v2.6.39-rc7

v3.*

v3.0
v3.0-rc1
v3.0-rc2
v3.0-rc3
v3.0-rc4
v3.0-rc5
v3.0-rc6
v3.0-rc7
v3.1
v3.1-rc1
v3.1-rc10
v3.1-rc2
v3.1-rc3
v3.1-rc4
v3.1-rc5
v3.1-rc6
v3.1-rc7
v3.1-rc8
v3.1-rc9
v3.10
v3.10-rc1
v3.10-rc2
v3.10-rc3
v3.10-rc4
v3.10-rc5
v3.10-rc6
v3.10-rc7
v3.11
v3.11-rc1
v3.11-rc2
v3.11-rc3
v3.11-rc4
v3.11-rc5
v3.11-rc6
v3.11-rc7
v3.12
v3.12-rc1
v3.12-rc2
v3.12-rc3
v3.12-rc4
v3.12-rc5
v3.12-rc6
v3.12-rc7
v3.13
v3.13-rc1
v3.13-rc2
v3.13-rc3
v3.13-rc4
v3.13-rc5
v3.13-rc6
v3.13-rc7
v3.13-rc8
v3.14
v3.14-rc1
v3.14-rc2
v3.14-rc3
v3.14-rc4
v3.14-rc5
v3.14-rc6
v3.14-rc7
v3.14-rc8
v3.15
v3.15-rc1
v3.15-rc2
v3.15-rc3
v3.15-rc4
v3.15-rc5
v3.15-rc6
v3.15-rc7
v3.15-rc8
v3.16
v3.16-rc1
v3.16-rc2
v3.16-rc3
v3.16-rc4
v3.16-rc5
v3.16-rc6
v3.16-rc7
v3.17
v3.17-rc1
v3.17-rc2
v3.17-rc3
v3.17-rc4
v3.17-rc5
v3.17-rc6
v3.17-rc7
v3.18
v3.18-rc1
v3.18-rc2
v3.18-rc3
v3.18-rc4
v3.18-rc5
v3.18-rc6
v3.18-rc7
v3.19
v3.19-rc1
v3.19-rc2
v3.19-rc3
v3.19-rc4
v3.19-rc5
v3.19-rc6
v3.19-rc7
v3.2
v3.2-rc1
v3.2-rc2
v3.2-rc3
v3.2-rc4
v3.2-rc5
v3.2-rc6
v3.2-rc7
v3.3
v3.3-rc1
v3.3-rc2
v3.3-rc3
v3.3-rc4
v3.3-rc5
v3.3-rc6
v3.3-rc7
v3.4
v3.4-rc1
v3.4-rc2
v3.4-rc3
v3.4-rc4
v3.4-rc5
v3.4-rc6
v3.4-rc7
v3.5
v3.5-rc1
v3.5-rc2
v3.5-rc3
v3.5-rc4
v3.5-rc5
v3.5-rc6
v3.5-rc7
v3.6
v3.6-rc1
v3.6-rc2
v3.6-rc3
v3.6-rc4
v3.6-rc5
v3.6-rc6
v3.6-rc7
v3.7
v3.7-rc1
v3.7-rc2
v3.7-rc3
v3.7-rc4
v3.7-rc5
v3.7-rc6
v3.7-rc7
v3.7-rc8
v3.8
v3.8-rc1
v3.8-rc2
v3.8-rc3
v3.8-rc4
v3.8-rc5
v3.8-rc6
v3.8-rc7
v3.9
v3.9-rc1
v3.9-rc2
v3.9-rc3
v3.9-rc4
v3.9-rc5
v3.9-rc6
v3.9-rc7
v3.9-rc8

v4.*

v4.0
v4.0-rc1
v4.0-rc2
v4.0-rc3
v4.0-rc4
v4.0-rc5
v4.0-rc6
v4.0-rc7
v4.1
v4.1-rc1
v4.1-rc2
v4.1-rc3
v4.1-rc4
v4.1-rc5
v4.1-rc6
v4.1-rc7
v4.1-rc8
v4.10
v4.10-rc1
v4.10-rc2
v4.10-rc3
v4.10-rc4
v4.10-rc5
v4.10-rc6
v4.10-rc7
v4.10-rc8
v4.11
v4.11-rc1
v4.11-rc2
v4.11-rc3
v4.11-rc4
v4.11-rc5
v4.11-rc6
v4.11-rc7
v4.11-rc8
v4.12
v4.12-rc1
v4.12-rc2
v4.12-rc3
v4.12-rc4
v4.12-rc5
v4.12-rc6
v4.12-rc7
v4.13
v4.13-rc1
v4.13-rc2
v4.13-rc3
v4.13-rc4
v4.13-rc5
v4.13-rc6
v4.13-rc7
v4.14
v4.14-rc1
v4.14-rc2
v4.14-rc3
v4.14-rc4
v4.14-rc5
v4.14-rc6
v4.14-rc7
v4.14-rc8
v4.15
v4.15-rc1
v4.15-rc2
v4.15-rc3
v4.15-rc4
v4.15-rc5
v4.15-rc6
v4.15-rc7
v4.15-rc8
v4.15-rc9
v4.16
v4.16-rc1
v4.16-rc2
v4.16-rc3
v4.16-rc4
v4.16-rc5
v4.16-rc6
v4.16-rc7
v4.17
v4.17-rc1
v4.17-rc2
v4.17-rc3
v4.17-rc4
v4.17-rc5
v4.17-rc6
v4.17-rc7
v4.18
v4.18-rc1
v4.18-rc2
v4.18-rc3
v4.18-rc4
v4.18-rc5
v4.18-rc6
v4.18-rc7
v4.18-rc8
v4.19
v4.19-rc1
v4.19-rc2
v4.19-rc3
v4.19-rc4
v4.19-rc5
v4.19-rc6
v4.19-rc7
v4.19-rc8
v4.2
v4.2-rc1
v4.2-rc2
v4.2-rc3
v4.2-rc4
v4.2-rc5
v4.2-rc6
v4.2-rc7
v4.2-rc8
v4.20
v4.20-rc1
v4.20-rc2
v4.20-rc3
v4.20-rc4
v4.20-rc5
v4.20-rc6
v4.20-rc7
v4.3
v4.3-rc1
v4.3-rc2
v4.3-rc3
v4.3-rc4
v4.3-rc5
v4.3-rc6
v4.3-rc7
v4.4
v4.4-rc1
v4.4-rc2
v4.4-rc3
v4.4-rc4
v4.4-rc5
v4.4-rc6
v4.4-rc7
v4.4-rc8
v4.5
v4.5-rc1
v4.5-rc2
v4.5-rc3
v4.5-rc4
v4.5-rc5
v4.5-rc6
v4.5-rc7
v4.6
v4.6-rc1
v4.6-rc2
v4.6-rc3
v4.6-rc4
v4.6-rc5
v4.6-rc6
v4.6-rc7
v4.7
v4.7-rc1
v4.7-rc2
v4.7-rc3
v4.7-rc4
v4.7-rc5
v4.7-rc6
v4.7-rc7
v4.8
v4.8-rc1
v4.8-rc2
v4.8-rc3
v4.8-rc4
v4.8-rc5
v4.8-rc6
v4.8-rc7
v4.8-rc8
v4.9
v4.9-rc1
v4.9-rc2
v4.9-rc3
v4.9-rc4
v4.9-rc5
v4.9-rc6
v4.9-rc7
v4.9-rc8

v5.*

v5.0
v5.0-rc1
v5.0-rc2
v5.0-rc3
v5.0-rc4
v5.0-rc5
v5.0-rc6
v5.0-rc7
v5.0-rc8
v5.1
v5.1-rc1
v5.1-rc2
v5.1-rc3
v5.1-rc4
v5.1-rc5
v5.1-rc6
v5.1-rc7
v5.10
v5.10-rc1
v5.10-rc2
v5.10-rc3
v5.10-rc4
v5.10-rc5
v5.10-rc6
v5.10-rc7
v5.11
v5.11-rc1
v5.11-rc2
v5.11-rc3
v5.11-rc4
v5.11-rc5
v5.11-rc6
v5.11-rc7
v5.12
v5.12-rc1
v5.12-rc1-dontuse
v5.12-rc2
v5.12-rc3
v5.12-rc4
v5.12-rc5
v5.12-rc6
v5.12-rc7
v5.12-rc8
v5.13
v5.13-rc1
v5.13-rc2
v5.13-rc3
v5.13-rc4
v5.13-rc5
v5.13-rc6
v5.13-rc7
v5.14
v5.14-rc1
v5.14-rc2
v5.14-rc3
v5.14-rc4
v5.14-rc5
v5.14-rc6
v5.14-rc7
v5.15
v5.15-rc1
v5.15-rc2
v5.15-rc3
v5.15-rc4
v5.15-rc5
v5.15-rc6
v5.15-rc7
v5.16
v5.16-rc1
v5.16-rc2
v5.16-rc3
v5.16-rc4
v5.16-rc5
v5.16-rc6
v5.16-rc7
v5.16-rc8
v5.17
v5.17-rc1
v5.17-rc2
v5.17-rc3
v5.17-rc4
v5.17-rc5
v5.17-rc6
v5.17-rc7
v5.17-rc8
v5.18
v5.18-rc1
v5.18-rc2
v5.18-rc3
v5.18-rc4
v5.18-rc5
v5.18-rc6
v5.18-rc7
v5.19
v5.19-rc1
v5.19-rc2
v5.19-rc3
v5.19-rc4
v5.19-rc5
v5.19-rc6
v5.19-rc7
v5.19-rc8
v5.2
v5.2-rc1
v5.2-rc2
v5.2-rc3
v5.2-rc4
v5.2-rc5
v5.2-rc6
v5.2-rc7
v5.3
v5.3-rc1
v5.3-rc2
v5.3-rc3
v5.3-rc4
v5.3-rc5
v5.3-rc6
v5.3-rc7
v5.3-rc8
v5.4
v5.4-rc1
v5.4-rc2
v5.4-rc3
v5.4-rc4
v5.4-rc5
v5.4-rc6
v5.4-rc7
v5.4-rc8
v5.5
v5.5-rc1
v5.5-rc2
v5.5-rc3
v5.5-rc4
v5.5-rc5
v5.5-rc6
v5.5-rc7
v5.6
v5.6-rc1
v5.6-rc2
v5.6-rc3
v5.6-rc4
v5.6-rc5
v5.6-rc6
v5.6-rc7
v5.7
v5.7-rc1
v5.7-rc2
v5.7-rc3
v5.7-rc4
v5.7-rc5
v5.7-rc6
v5.7-rc7
v5.8
v5.8-rc1
v5.8-rc2
v5.8-rc3
v5.8-rc4
v5.8-rc5
v5.8-rc6
v5.8-rc7
v5.9
v5.9-rc1
v5.9-rc2
v5.9-rc3
v5.9-rc4
v5.9-rc5
v5.9-rc6
v5.9-rc7
v5.9-rc8

v6.*

v6.0
v6.0-rc1
v6.0-rc2
v6.0-rc3
v6.0-rc4
v6.0-rc5
v6.0-rc6
v6.0-rc7
v6.1
v6.1-rc1
v6.1-rc2
v6.1-rc3
v6.1-rc4
v6.1-rc5
v6.1-rc6
v6.1-rc7
v6.1-rc8
v6.2
v6.2-rc1
v6.2-rc2
v6.2-rc3
v6.2-rc4
v6.2-rc5
v6.2-rc6
v6.2-rc7
v6.2-rc8
v6.3
v6.3-rc1
v6.3-rc2
v6.3-rc3
v6.3-rc4
v6.3-rc5
v6.3-rc6
v6.3-rc7
v6.4
v6.4-rc1
v6.4-rc2
v6.4-rc3
v6.4-rc4
v6.4-rc5
v6.4-rc6
v6.4-rc7
v6.5
v6.5-rc1
v6.5-rc2
v6.5-rc3
v6.5-rc4
v6.5-rc5
v6.5-rc6
v6.5-rc7
v6.6
v6.6-rc1
v6.6-rc2
v6.6-rc3
v6.6-rc4
v6.6-rc5
v6.6-rc6
v6.6-rc7
v6.6.1
v6.6.10
v6.6.11
v6.6.12
v6.6.13
v6.6.14
v6.6.15
v6.6.16
v6.6.17
v6.6.18
v6.6.19
v6.6.2
v6.6.20
v6.6.21
v6.6.22
v6.6.3
v6.6.4
v6.6.5
v6.6.6
v6.6.7
v6.6.8
v6.6.9
v6.7
v6.7-rc1
v6.7-rc2
v6.7-rc3
v6.7-rc4
v6.7-rc5
v6.7-rc6
v6.7-rc7
v6.7-rc8
v6.7.1
v6.7.10
v6.7.2
v6.7.3
v6.7.4
v6.7.5
v6.7.6
v6.7.7
v6.7.8
v6.7.9
v6.8
v6.8-rc1
v6.8-rc2
v6.8-rc3
v6.8-rc4
v6.8-rc5
v6.8-rc6
v6.8-rc7
v6.8.1

Database specific

{
    "vanir_signatures": [
        {
            "signature_type": "Line",
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e67b652d8e8591d3b1e569dbcdfcee15993e91fa",
            "target": {
                "file": "net/sunrpc/auth_gss/gss_krb5_mech.c"
            },
            "signature_version": "v1",
            "deprecated": false,
            "id": "CVE-2023-52653-05de2ac6",
            "digest": {
                "line_hashes": [
                    "173506516816324947173723450724157025787",
                    "3034335118138879059068312480021034585",
                    "99919332928848975673383368139348052973",
                    "332317091624075693956511099886703726643",
                    "289683564644458540335370302926211646780",
                    "276807936675439500898209930596972491673",
                    "54216779299783857196709998929477266415",
                    "68532023785045782728477247344711864507"
                ],
                "threshold": 0.9
            }
        },
        {
            "signature_type": "Function",
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e67b652d8e8591d3b1e569dbcdfcee15993e91fa",
            "target": {
                "file": "net/sunrpc/auth_gss/gss_krb5_mech.c",
                "function": "gss_import_v2_context"
            },
            "signature_version": "v1",
            "deprecated": false,
            "id": "CVE-2023-52653-3be1d878",
            "digest": {
                "function_hash": "292519427885456730289565905920180027460",
                "length": 1767.0
            }
        },
        {
            "signature_type": "Line",
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d111e30d9cd846bb368faf3637dc0f71fcbcf822",
            "target": {
                "file": "net/sunrpc/auth_gss/gss_krb5_mech.c"
            },
            "signature_version": "v1",
            "deprecated": false,
            "id": "CVE-2023-52653-3f4dfdee",
            "digest": {
                "line_hashes": [
                    "173506516816324947173723450724157025787",
                    "3034335118138879059068312480021034585",
                    "99919332928848975673383368139348052973",
                    "332317091624075693956511099886703726643",
                    "289683564644458540335370302926211646780",
                    "276807936675439500898209930596972491673",
                    "54216779299783857196709998929477266415",
                    "68532023785045782728477247344711864507"
                ],
                "threshold": 0.9
            }
        },
        {
            "signature_type": "Function",
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@99044c01ed5329e73651c054d8a4baacdbb1a27c",
            "target": {
                "file": "net/sunrpc/auth_gss/gss_krb5_mech.c",
                "function": "gss_import_v2_context"
            },
            "signature_version": "v1",
            "deprecated": false,
            "id": "CVE-2023-52653-5dcc61a6",
            "digest": {
                "function_hash": "292519427885456730289565905920180027460",
                "length": 1767.0
            }
        },
        {
            "signature_type": "Function",
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d111e30d9cd846bb368faf3637dc0f71fcbcf822",
            "target": {
                "file": "net/sunrpc/auth_gss/gss_krb5_mech.c",
                "function": "gss_import_v2_context"
            },
            "signature_version": "v1",
            "deprecated": false,
            "id": "CVE-2023-52653-82bea2ee",
            "digest": {
                "function_hash": "292519427885456730289565905920180027460",
                "length": 1767.0
            }
        },
        {
            "signature_type": "Line",
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@99044c01ed5329e73651c054d8a4baacdbb1a27c",
            "target": {
                "file": "net/sunrpc/auth_gss/gss_krb5_mech.c"
            },
            "signature_version": "v1",
            "deprecated": false,
            "id": "CVE-2023-52653-ad272818",
            "digest": {
                "line_hashes": [
                    "173506516816324947173723450724157025787",
                    "3034335118138879059068312480021034585",
                    "99919332928848975673383368139348052973",
                    "332317091624075693956511099886703726643",
                    "289683564644458540335370302926211646780",
                    "276807936675439500898209930596972491673",
                    "54216779299783857196709998929477266415",
                    "68532023785045782728477247344711864507"
                ],
                "threshold": 0.9
            }
        }
    ]
}

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
2.6.35
Fixed
6.6.23
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.7.11
Type
ECOSYSTEM
Events
Introduced
6.8.0
Fixed
6.8.2