CVE-2023-52977
- Source
- https://cve.org/CVERecord?id=CVE-2023-52977
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-52977.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2023-52977
- Downstream
- Published
- 2025-03-27T16:43:17.234Z
- Modified
- 2026-03-12T03:27:53.028463Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- net: openvswitch: fix flow memory leak in ovs_flow_cmd_new
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
net: openvswitch: fix flow memory leak in ovsflowcmd_new
Syzkaller reports a memory leak of newflow in ovsflowcmdnew() as it is not freed when an allocation of a key fails.
BUG: memory leak unreferenced object 0xffff888116668000 (size 632): comm "syz-executor231", pid 1090, jiffies 4294844701 (age 18.871s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [<00000000defa3494>] kmemcachezalloc include/linux/slab.h:654 [inline] [<00000000defa3494>] ovsflowalloc+0x19/0x180 net/openvswitch/flowtable.c:77 [<00000000c67d8873>] ovsflowcmdnew+0x1de/0xd40 net/openvswitch/datapath.c:957 [<0000000010a539a8>] genlfamilyrcvmsgdoit+0x22d/0x330 net/netlink/genetlink.c:739 [<00000000dff3302d>] genlfamilyrcvmsg net/netlink/genetlink.c:783 [inline] [<00000000dff3302d>] genlrcvmsg+0x328/0x590 net/netlink/genetlink.c:800 [<000000000286dd87>] netlinkrcvskb+0x153/0x430 net/netlink/afnetlink.c:2515 [<0000000061fed410>] genlrcv+0x24/0x40 net/netlink/genetlink.c:811 [<000000009dc0f111>] netlinkunicastkernel net/netlink/afnetlink.c:1313 [inline] [<000000009dc0f111>] netlinkunicast+0x545/0x7f0 net/netlink/afnetlink.c:1339 [<000000004a5ee816>] netlinksendmsg+0x8e7/0xde0 net/netlink/afnetlink.c:1934 [<00000000482b476f>] socksendmsgnosec net/socket.c:651 [inline] [<00000000482b476f>] sock_sendmsg+0x152/0x190 net/socket.c:671 [<00000000698574ba>] ____sys_sendmsg+0x70a/0x870 net/socket.c:2356 [<00000000d28d9e11>] ___sys_sendmsg+0xf3/0x170 net/socket.c:2410 [<0000000083ba9120>] _syssendmsg+0xe5/0x1b0 net/socket.c:2439 [<00000000c00628f8>] dosyscall64+0x30/0x40 arch/x86/entry/common.c:46 [<000000004abfdcf4>] entrySYSCALL64afterhwframe+0x61/0xc6
To fix this the patch rearranges the goto labels to reflect the order of object allocations and adds appropriate goto statements on the error paths.
Found by Linux Verification Center (linuxtesting.org) with Syzkaller.
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/52xxx/CVE-2023-52977.json" }- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/0c598aed445eb45b0ee7ba405f7ece99ee349c30
- https://git.kernel.org/stable/c/1ac653cf886cdfc082708c82dc6ac6115cebd2ee
- https://git.kernel.org/stable/c/70154489f531587996f3e9d7cceeee65cff0001d
- https://git.kernel.org/stable/c/70d40674a549d498bd63d5432acf46205da1534b
- https://git.kernel.org/stable/c/af4e720bc00a2653f7b9df21755b9978b3d7f386
- https://git.kernel.org/stable/c/ed6c5e8caf55778500202775167e8ccdb1a030cb
- https://git.kernel.org/stable/c/f423c2efd51d7eb1d143c2be7eea233241d9bbbf
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/52xxx/CVE-2023-52977.json
- https://nvd.nist.gov/vuln/detail/CVE-2023-52977
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced655e873bf528f0f46ce6b069f9a2daee9621197cFixed1ac653cf886cdfc082708c82dc6ac6115cebd2ee
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedee27d70556a47c3a07e65a60f47e3ea12a255af8Fixedaf4e720bc00a2653f7b9df21755b9978b3d7f386
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced8b74211bf60b3e0c0ed4fe3d16c92ffdcaaf34ebFixeded6c5e8caf55778500202775167e8ccdb1a030cb
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced6736b61ecf230dd656464de0f514bdeadb384f20Fixed70154489f531587996f3e9d7cceeee65cff0001d
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced0133615a06007684df648feb9d327714e399afd4Fixedf423c2efd51d7eb1d143c2be7eea233241d9bbbf
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced32d5fa5bdccec2361fc6c4ed05a7367155b3a1e9Fixed70d40674a549d498bd63d5432acf46205da1534b
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced68bb10101e6b0a6bb44e9c908ef795fc4af99eaeFixed0c598aed445eb45b0ee7ba405f7ece99ee349c30
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affected4f592e712ea2132f511d545954867d7880df5be2Last affecteda991a411c3e21ef22507400dbb179ae02029d42c