DEBIAN-CVE-2023-53271
- Source
- https://security-tracker.debian.org/tracker/CVE-2023-53271
- Import Source
- https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2023-53271.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/DEBIAN-CVE-2023-53271
- Upstream
- Published
- 2025-09-16T08:15:35Z
- Modified
- 2025-09-19T07:33:41.201059Z
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved: ubi: Fix unreferenced object reported by kmemleak in ubiresizevolume() There is a memory leaks problem reported by kmemleak: unreferenced object 0xffff888102007a00 (size 128): comm "ubirsvol", pid 32090, jiffies 4298464136 (age 2361.231s) hex dump (first 32 bytes): ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ................ ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ................ backtrace: [<ffffffff8176cecd>] _kmalloc+0x4d/0x150 [<ffffffffa02a9a36>] ubiebacreatetable+0x76/0x170 [ubi] [<ffffffffa029764e>] ubiresizevolume+0x1be/0xbc0 [ubi] [<ffffffffa02a3321>] ubicdevioctl+0x701/0x1850 [ubi] [<ffffffff81975d2d>] _x64sysioctl+0x11d/0x170 [<ffffffff83c142a5>] dosyscall64+0x35/0x80 [<ffffffff83e0006a>] entrySYSCALL64afterhwframe+0x46/0xb0 This is due to a mismatch between create and destroy interfaces, and in detail that "newebatbl" created by ubiebacreatetable() but destroyed by kfree(), while will causing "newebatbl->entries" not freed. Fix it by replacing kfree(newebatbl) with ubiebadestroytable(neweba_tbl)
- References
Affected packages
Debian:11 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.10.178-1
Affected versions
5.*
Debian:12 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:13 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:14 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source