CVE-2023-54115
- Source
- https://cve.org/CVERecord?id=CVE-2023-54115
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-54115.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2023-54115
- Downstream
- Related
- Published
- 2025-12-24T13:06:36.892Z
- Modified
- 2026-03-31T17:29:50.134235073Z
- Summary
- pcmcia: rsrc_nonstatic: Fix memory leak in nonstatic_release_resource_db()
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
pcmcia: rsrcnonstatic: Fix memory leak in nonstaticreleaseresourcedb()
When nonstaticreleaseresourcedb() frees all resources associated with an PCMCIA socket, it forgets to free socketdata too, causing a memory leak observable with kmemleak:
unreferenced object 0xc28d1000 (size 64): comm "systemd-udevd", pid 297, jiffies 4294898478 (age 194.484s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 f0 85 0e c3 00 00 00 00 ................ 00 00 00 00 0c 10 8d c2 00 00 00 00 00 00 00 00 ................ backtrace: [<ffda4245>] __kmemcacheallocnode+0x2d7/0x4a0 [<7e51f0c8>] kmalloctrace+0x31/0xa4 [<d52b4ca0>] nonstaticinit+0x24/0x1a4 [pcmciarsrc] [<a2f13e08>] pcmciaregistersocket+0x200/0x35c [pcmciacore] [<a728be1b>] yentaprobe+0x4d8/0xa70 [yentasocket] [<c48fac39>] pcideviceprobe+0x99/0x194 [<84b7c690>] reallyprobe+0x181/0x45c [<8060fe6e>] __driverprobedevice+0x75/0x1f4 [<b9b76f43>] driverprobedevice+0x28/0xac [<648b766f>] __driverattach+0xeb/0x1e4 [<6e9659eb>] busforeachdev+0x61/0xb4 [<25a669f3>] driverattach+0x1e/0x28 [<d8671d6b>] busadddriver+0x102/0x20c [<df0d323c>] driverregister+0x5b/0x120 [<942cd8a4>] __pciregisterdriver+0x44/0x4c [<e536027e>] UNIQUEIDaddressablecleanupmodule188+0x1c/0xfffff000 [iTCOvendorsupport]
Fix this by freeing socket_data too.
Tested on a Acer Travelmate 4002WLMi by manually binding/unbinding the yentacardbus driver (yentasocket).
- Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/54xxx/CVE-2023-54115.json", "cna_assigner": "Linux" }- References
-
- https://git.kernel.org/stable/c/04bb8af40a7729c398ed4caea7e66cedd2881719
- https://git.kernel.org/stable/c/22100df1d57f04cf2370d5347b9ef547f481deea
- https://git.kernel.org/stable/c/2d45e2be0be35a3d66863563ed2591ee18a6897e
- https://git.kernel.org/stable/c/97fd1c8e9c5aa833aab7e836760bc13103afa892
- https://git.kernel.org/stable/c/bde0b6da7bd893c37afaee3555cc3ac3be582313
- https://git.kernel.org/stable/c/c85fd9422fe0f5d667305efb27f56d09eab120b0
- https://git.kernel.org/stable/c/e8a80cf06b4bb0396212289d651b384c949f09d0
- https://git.kernel.org/stable/c/fd53a1f28faba2c4806c055e706a7721006291c1
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/54xxx/CVE-2023-54115.json
- https://nvd.nist.gov/vuln/detail/CVE-2023-54115
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced1da177e4c3f41524e886b7f1b8a0c1fc7321cac2Fixedbde0b6da7bd893c37afaee3555cc3ac3be582313Fixed2d45e2be0be35a3d66863563ed2591ee18a6897eFixed22100df1d57f04cf2370d5347b9ef547f481deeaFixed04bb8af40a7729c398ed4caea7e66cedd2881719Fixed97fd1c8e9c5aa833aab7e836760bc13103afa892Fixede8a80cf06b4bb0396212289d651b384c949f09d0Fixedfd53a1f28faba2c4806c055e706a7721006291c1Fixedc85fd9422fe0f5d667305efb27f56d09eab120b0
Linux / Kernel
Package
- Name
- Kernel
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced2.6.12Fixed4.14.324
- Type
- ECOSYSTEM
- Events
-
Introduced4.15.0Fixed4.19.293
- Type
- ECOSYSTEM
- Events
-
Introduced4.20.0Fixed5.4.255
- Type
- ECOSYSTEM
- Events
-
Introduced5.5.0Fixed5.10.192
- Type
- ECOSYSTEM
- Events
-
Introduced5.11.0Fixed5.15.128
- Type
- ECOSYSTEM
- Events
-
Introduced5.16.0Fixed6.1.47
- Type
- ECOSYSTEM
- Events
-
Introduced6.2.0Fixed6.4.12