CVE-2023-53181
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2023-53181
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53181.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2023-53181
- Downstream
- Related
- Published
- 2025-09-15T14:04:32.098Z
- Modified
- 2025-11-28T02:34:19.103222Z
- Summary
- dma-buf/dma-resv: Stop leaking on krealloc() failure
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
dma-buf/dma-resv: Stop leaking on krealloc() failure
Currently dmaresvgetfences() will leak the previously allocated array if the fence iteration got restarted and the kreallocarray() fails.
Free the old array by hand, and make sure we still clear the returned *fences so the caller won't end up accessing freed memory. Some (but not all) of the callers of dmaresvgetfences() seem to still trawl through the array even when dmaresvgetfences() failed. And let's zero out *num_fences as well for good measure.
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53181.json" }- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/05abb3be91d8788328231ee02973ab3d47f5e3d2
- https://git.kernel.org/stable/c/19e7b9f1f7e1cb92a4cc53b4c064f7fb4b1f1983
- https://git.kernel.org/stable/c/819656cc03dec7f7f7800274dfbc8eb49f888e9f
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53181.json
- https://nvd.nist.gov/vuln/detail/CVE-2023-53181