CVE-2023-52653
- Source
- https://cve.org/CVERecord?id=CVE-2023-52653
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-52653.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2023-52653
- Downstream
- Related
- Published
- 2024-05-01T13:04:02.055Z
- Modified
- 2026-03-13T07:48:07.641064Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- SUNRPC: fix a memleak in gss_import_v2_context
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
SUNRPC: fix a memleak in gssimportv2_context
The ctx->mechused.data allocated by kmemdup is not freed in neither gssimportv2context nor it only caller gsskrb5importseccontext, which frees ctx on error.
Thus, this patch reform the last call of gssimportv2context to the gsskrb5importctx_v2, preventing the memleak while keepping the return formation.
- Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/52xxx/CVE-2023-52653.json", "cna_assigner": "Linux" }- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/47ac11db93e74ac49cd6c3fc69bcbc5964c4a8b4
- https://git.kernel.org/stable/c/99044c01ed5329e73651c054d8a4baacdbb1a27c
- https://git.kernel.org/stable/c/d111e30d9cd846bb368faf3637dc0f71fcbcf822
- https://git.kernel.org/stable/c/e67b652d8e8591d3b1e569dbcdfcee15993e91fa
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/52xxx/CVE-2023-52653.json
- https://nvd.nist.gov/vuln/detail/CVE-2023-52653
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced47d84807762966c3611c38adecec6ea703ddda7aFixed99044c01ed5329e73651c054d8a4baacdbb1a27cFixed47ac11db93e74ac49cd6c3fc69bcbc5964c4a8b4Fixedd111e30d9cd846bb368faf3637dc0f71fcbcf822Fixede67b652d8e8591d3b1e569dbcdfcee15993e91fa