CVE-2023-53611
- Source
- https://cve.org/CVERecord?id=CVE-2023-53611
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53611.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2023-53611
- Downstream
- Related
- Published
- 2025-10-04T15:44:19.593Z
- Modified
- 2026-03-20T12:33:15.512674Z
- Summary
- ipmi_si: fix a memleak in try_smi_init()
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
ipmisi: fix a memleak in trysmi_init()
Kmemleak reported the following leak info in trysmiinit():
unreferenced object 0xffff00018ecf9400 (size 1024): comm "modprobe", pid 2707763, jiffies 4300851415 (age 773.308s) backtrace: [<000000004ca5b312>] __kmalloc+0x4b8/0x7b0 [<00000000953b1072>] trysmiinit+0x148/0x5dc [ipmisi] [<000000006460d325>] 0xffff800081b10148 [<0000000039206ea5>] dooneinitcall+0x64/0x2a4 [<00000000601399ce>] doinitmodule+0x50/0x300 [<000000003c12ba3c>] loadmodule+0x7a8/0x9e0 [<00000000c246fffe>] __sesysinit_module+0x104/0x180 [<00000000eea99093>] _arm64sysinitmodule+0x24/0x30 [<0000000021b1ef87>] el0svccommon.constprop.0+0x94/0x250 [<0000000070f4f8b7>] doel0svc+0x48/0xe0 [<000000005a05337f>] el0svc+0x24/0x3c [<000000005eb248d6>] el0synchandler+0x160/0x164 [<0000000030a59039>] el0sync+0x160/0x180
The problem was that when an error occurred before handlers registration and after allocating
new_smi->si_sm, the variable wouldn't be freed in the error handling afterwards sinceshutdown_smi()hadn't been registered yet. Fix it by adding akfree()in the error handling path intry_smi_init(). - Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53611.json", "cna_assigner": "Linux" }- References
-
- https://git.kernel.org/stable/c/09cb2a71b2e982015fe0464f28da1ab42b8e6375
- https://git.kernel.org/stable/c/1bfcfea0fae0d0a6c6ff5543e6d704b3807b83ce
- https://git.kernel.org/stable/c/5c5f02e16b919c8cb6024dc3778c8d8f1fb1f26b
- https://git.kernel.org/stable/c/6cf1a126de2992b4efe1c3c4d398f8de4aed6e3f
- https://git.kernel.org/stable/c/7291af9a738d936c2d6869d030711dceb68404d0
- https://git.kernel.org/stable/c/b9bc8fbb2d416ce87f0342478dc9fcfd79f2c65f
- https://git.kernel.org/stable/c/cbb7d8a4b4beb3061b3a1847a742983a01dca381
- https://git.kernel.org/stable/c/f53ab5a2bf20fed59a2f7542d3453228b8056358
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53611.json
- https://nvd.nist.gov/vuln/detail/CVE-2023-53611
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced7960f18a56475bf2177c5ff56c72eb4c12c56440Fixedb9bc8fbb2d416ce87f0342478dc9fcfd79f2c65fFixedf53ab5a2bf20fed59a2f7542d3453228b8056358Fixed5c5f02e16b919c8cb6024dc3778c8d8f1fb1f26bFixedcbb7d8a4b4beb3061b3a1847a742983a01dca381Fixed09cb2a71b2e982015fe0464f28da1ab42b8e6375Fixed1bfcfea0fae0d0a6c6ff5543e6d704b3807b83ceFixed7291af9a738d936c2d6869d030711dceb68404d0Fixed6cf1a126de2992b4efe1c3c4d398f8de4aed6e3f