DEBIAN-CVE-2023-53852

See a problem?
Please try reporting it to the source first.

Source

https://security-tracker.debian.org/tracker/CVE-2023-53852

Import Source

https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2023-53852.json

JSON Data

https://api.test.osv.dev/v1/vulns/DEBIAN-CVE-2023-53852

Upstream

CVE-2023-53852

Published

2025-12-09T16:17:25.797Z

Modified

2025-12-10T10:18:44.244120Z

Summary

[none]

Details

In the Linux kernel, the following vulnerability has been resolved: nvme-core: fix memory leak in dhchapsecretstore Free dhchapsecret in nvmectrldhchapsecretstore() before we return fix following kmemleack:- unreferenced object 0xffff8886376ea800 (size 64): comm "check", pid 22048, jiffies 4344316705 (age 92.199s) hex dump (first 32 bytes): 44 48 48 43 2d 31 3a 30 30 3a 6e 78 72 35 4b 67 DHHC-1:00:nxr5Kg 75 58 34 75 6f 41 78 73 4a 61 34 63 2f 68 75 4c uX4uoAxsJa4c/huL backtrace: [<0000000030ce5d4b>] _kmalloc+0x4b/0x130 [<000000009be1cdc1>] nvmectrldhchapsecretstore+0x8f/0x160 [nvmecore] [<00000000ac06c96a>] kernfsfopwriteiter+0x12b/0x1c0 [<00000000437e7ced>] vfswrite+0x2ba/0x3c0 [<00000000f9491baf>] ksyswrite+0x5f/0xe0 [<000000001c46513d>] dosyscall64+0x3b/0x90 [<00000000ecf348fe>] entrySYSCALL64afterhwframe+0x72/0xdc unreferenced object 0xffff8886376eaf00 (size 64): comm "check", pid 22048, jiffies 4344316736 (age 92.168s) hex dump (first 32 bytes): 44 48 48 43 2d 31 3a 30 30 3a 6e 78 72 35 4b 67 DHHC-1:00:nxr5Kg 75 58 34 75 6f 41 78 73 4a 61 34 63 2f 68 75 4c uX4uoAxsJa4c/huL backtrace: [<0000000030ce5d4b>] _kmalloc+0x4b/0x130 [<000000009be1cdc1>] nvmectrldhchapsecretstore+0x8f/0x160 [nvmecore] [<00000000ac06c96a>] kernfsfopwriteiter+0x12b/0x1c0 [<00000000437e7ced>] vfswrite+0x2ba/0x3c0 [<00000000f9491baf>] ksyswrite+0x5f/0xe0 [<000000001c46513d>] dosyscall64+0x3b/0x90 [<00000000ecf348fe>] entrySYSCALL64after_hwframe+0x72/0xdc

References

https://security-tracker.debian.org/tracker/CVE-2023-53852

Affected packages

Debian:12 / linux

Package

Name: linux
Purl: pkg:deb/debian/linux?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.1.52-1

Affected versions

6.*

6.1.27-1

6.1.37-1

6.1.38-1

6.1.38-2~bpo11+1

6.1.38-2

6.1.38-3

6.1.38-4~bpo11+1

6.1.38-4

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Database specific

source

"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2023-53852.json"

Debian:13 / linux

Package

Name: linux
Purl: pkg:deb/debian/linux?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.4.4-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Database specific

source

"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2023-53852.json"

Debian:14 / linux

Package

Name: linux
Purl: pkg:deb/debian/linux?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.4.4-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Database specific

source

"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2023-53852.json"