Executive Summary



This vulnerability is currently undergoing analysis and not all information is available. Please check back soon to view the completed vulnerability summary
Informations
Name CVE-2023-53078 First vendor Publication 2025-05-02
Vendor Cve Last vendor Modification 2025-05-02

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector :
Cvss Base Score N/A Attack Range N/A
Cvss Impact Score N/A Attack Complexity N/A
Cvss Expoit Score N/A Authentication N/A
Calculate full CVSS 2.0 Vectors scores

Detail

In the Linux kernel, the following vulnerability has been resolved:

scsi: scsi_dh_alua: Fix memleak for 'qdata' in alua_activate()

If alua_rtpg_queue() failed from alua_activate(), then 'qdata' is not freed, which will cause following memleak:

unreferenced object 0xffff88810b2c6980 (size 32):
comm "kworker/u16:2", pid 635322, jiffies 4355801099 (age 1216426.076s)
hex dump (first 32 bytes):
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
40 39 24 c1 ff ff ff ff 00 f8 ea 0a 81 88 ff ff @9$.............
backtrace:
[<0000000098f3a26d>] alua_activate+0xb0/0x320
[<000000003b529641>] scsi_dh_activate+0xb2/0x140
[<000000007b296db3>] activate_path_work+0xc6/0xe0 [dm_multipath]
[<000000007adc9ace>] process_one_work+0x3c5/0x730
[<00000000c457a985>] worker_thread+0x93/0x650
[<00000000cb80e628>] kthread+0x1ba/0x210
[<00000000a1e61077>] ret_from_fork+0x22/0x30

Fix the problem by freeing 'qdata' in error path.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-53078

Sources (Detail)

https://git.kernel.org/stable/c/0d89254a4320eb7de0970c478172f764125c6355
https://git.kernel.org/stable/c/123483df146492ca22b503ae6dacc2ce7c3a3974
https://git.kernel.org/stable/c/1c55982beb80c7d3c30278fc6cfda8496a31dbe6
https://git.kernel.org/stable/c/5c4d71424df34fc23dc5336d09394ce68c849542
https://git.kernel.org/stable/c/9311e7a554dffd3823499e309a8b86a5cd1540e5
https://git.kernel.org/stable/c/a13faca032acbf2699293587085293bdfaafc8ae
https://git.kernel.org/stable/c/c09cdf6eb815ee35e55d6c50ac7f63db58bd20b8
https://git.kernel.org/stable/c/c110051d335ef7f62ad33474b0c23997fee5bfb5
Source Url

Alert History

If you want to see full details history, please login or register.
0
Date Informations
2025-05-27 02:29:51
  • First insertion