DEBIAN-CVE-2023-53396
- Source
- https://security-tracker.debian.org/tracker/CVE-2023-53396
- Import Source
- https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2023-53396.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/DEBIAN-CVE-2023-53396
- Upstream
- Published
- 2025-09-18T14:15:42Z
- Modified
- 2025-09-19T15:31:10.157636Z
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved: ubifs: Fix memory leak in dorename If renaming a file in an encrypted directory, function fscryptsetupfilename allocates memory for a file name. This name is never used, and before returning to the caller the memory for it is not freed. When running kmemleak on it we see that it is registered as a leak. The report below is triggered by a simple program 'rename' that renames a file in an encrypted directory: unreferenced object 0xffff888101502840 (size 32): comm "rename", pid 9404, jiffies 4302582475 (age 435.735s) backtrace: _kmemcacheallocnode _kmalloc fscryptsetupfilename dorename ubifsrename vfsrename dorenameat2 To fix this we can remove the call to fscryptsetupfilename as it's not needed.
- References
Affected packages
Debian:12 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:13 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:14 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source