CVE-2023-54024

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2023-54024
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-54024.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2023-54024
Downstream
Related
Published
2025-12-24T10:55:53.718Z
Modified
2026-03-11T07:51:30.075287Z
Summary
KVM: Destroy target device if coalesced MMIO unregistration fails
Details

In the Linux kernel, the following vulnerability has been resolved:

KVM: Destroy target device if coalesced MMIO unregistration fails

Destroy and free the target coalesced MMIO device if unregistering said device fails. As clearly noted in the code, kvmiobusunregisterdev() does not destroy the target device.

BUG: memory leak unreferenced object 0xffff888112a54880 (size 64): comm "syz-executor.2", pid 5258, jiffies 4297861402 (age 14.129s) hex dump (first 32 bytes): 38 c7 67 15 00 c9 ff ff 38 c7 67 15 00 c9 ff ff 8.g.....8.g..... e0 c7 e1 83 ff ff ff ff 00 30 67 15 00 c9 ff ff .........0g..... backtrace: [<0000000006995a8a>] kmalloc include/linux/slab.h:556 [inline] [<0000000006995a8a>] kzalloc include/linux/slab.h:690 [inline] [<0000000006995a8a>] kvmvmioctlregistercoalescedmmio+0x8e/0x3d0 arch/x86/kvm/../../../virt/kvm/coalescedmmio.c:150 [<00000000022550c2>] kvmvmioctl+0x47d/0x1600 arch/x86/kvm/../../../virt/kvm/kvmmain.c:3323 [<000000008a75102f>] vfsioctl fs/ioctl.c:46 [inline] [<000000008a75102f>] fileioctl fs/ioctl.c:509 [inline] [<000000008a75102f>] dovfsioctl+0xbab/0x1160 fs/ioctl.c:696 [<0000000080e3f669>] ksysioctl+0x76/0xa0 fs/ioctl.c:713 [<0000000059ef4888>] __dosysioctl fs/ioctl.c:720 [inline] [<0000000059ef4888>] __sesysioctl fs/ioctl.c:718 [inline] [<0000000059ef4888>] __x64sysioctl+0x6f/0xb0 fs/ioctl.c:718 [<000000006444fa05>] dosyscall64+0x9f/0x4e0 arch/x86/entry/common.c:290 [<000000009a4ed50b>] entrySYSCALL64afterhwframe+0x49/0xbe

BUG: leak checking failed

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/54xxx/CVE-2023-54024.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
7d1bc32d6477ff96a32695ea4be8144e4513ab2d
Fixed
10c2a20d73e99463e69b7e92706791656adc16d7
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
2a20592baff59c5351c5200ec667e1a2aa22af85
Fixed
76a9886e1b61ce5592df5ae78a19ed30399ae189
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
5d3c4c79384af06e3c8e25b7770b6247496b4417
Fixed
999439fd5da5a76253e2f2c37b94204f47d75491
Fixed
ccf6a7fb1aedb1472e1241ee55e4d26b68f8d066
Fixed
fb436dd6914325075f07d19851ab277b7a693ae7
Fixed
b1cb1fac22abf102ffeb29dd3eeca208a3869d54
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
168e82f640ed1891a700bdb43e37da354b2ab63c
Last affected
50cbad42bfea8c052b7ca590bd4126cdc898713c

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-54024.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.4.235
Type
ECOSYSTEM
Events
Introduced
5.5.0
Fixed
5.10.173
Type
ECOSYSTEM
Events
Introduced
5.11.0
Fixed
5.15.99
Type
ECOSYSTEM
Events
Introduced
5.13.0
Fixed
6.1.16
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
6.2.3

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-54024.json"