{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-53468", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-10-01T11:39:39.400Z", "datePublished": "2025-10-01T11:42:38.673Z", "dateUpdated": "2025-10-01T11:42:38.673Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-10-01T11:42:38.673Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nubifs: Fix memory leak in alloc_wbufs()\n\nkmemleak reported a sequence of memory leaks, and show them as following:\n\n unreferenced object 0xffff8881575f8400 (size 1024):\n comm \"mount\", pid 19625, jiffies 4297119604 (age 20.383s)\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace:\n [<ffffffff8176cecd>] __kmalloc+0x4d/0x150\n [<ffffffffa0406b2b>] ubifs_mount+0x307b/0x7170 [ubifs]\n [<ffffffff819fa8fd>] legacy_get_tree+0xed/0x1d0\n [<ffffffff81936f2d>] vfs_get_tree+0x7d/0x230\n [<ffffffff819b2bd4>] path_mount+0xdd4/0x17b0\n [<ffffffff819b37aa>] __x64_sys_mount+0x1fa/0x270\n [<ffffffff83c14295>] do_syscall_64+0x35/0x80\n [<ffffffff83e0006a>] entry_SYSCALL_64_after_hwframe+0x46/0xb0\n\n unreferenced object 0xffff8881798a6e00 (size 512):\n comm \"mount\", pid 19677, jiffies 4297121912 (age 37.816s)\n hex dump (first 32 bytes):\n 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk\n 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk\n backtrace:\n [<ffffffff8176cecd>] __kmalloc+0x4d/0x150\n [<ffffffffa0418342>] ubifs_wbuf_init+0x52/0x480 [ubifs]\n [<ffffffffa0406ca5>] ubifs_mount+0x31f5/0x7170 [ubifs]\n [<ffffffff819fa8fd>] legacy_get_tree+0xed/0x1d0\n [<ffffffff81936f2d>] vfs_get_tree+0x7d/0x230\n [<ffffffff819b2bd4>] path_mount+0xdd4/0x17b0\n [<ffffffff819b37aa>] __x64_sys_mount+0x1fa/0x270\n [<ffffffff83c14295>] do_syscall_64+0x35/0x80\n [<ffffffff83e0006a>] entry_SYSCALL_64_after_hwframe+0x46/0xb0\n\nThe problem is that the ubifs_wbuf_init() returns an error in the\nloop which in the alloc_wbufs(), then the wbuf->buf and wbuf->inodes\nthat were successfully alloced before are not freed.\n\nFix it by adding error hanging path in alloc_wbufs() which frees\nthe memory alloced before when ubifs_wbuf_init() returns an error."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/ubifs/super.c"], "versions": [{"version": "1e51764a3c2ac05a23a22b2a95ddee4d9bffb16d", "lessThan": "1f206002c6bc302bface871ef3f72c0bbcaa931c", "status": "affected", "versionType": "git"}, {"version": "1e51764a3c2ac05a23a22b2a95ddee4d9bffb16d", "lessThan": "bf50229494f0443b3f08427d7df63e5a7e2a796a", "status": "affected", "versionType": "git"}, {"version": "1e51764a3c2ac05a23a22b2a95ddee4d9bffb16d", "lessThan": "3e29634eb56e6547272fe4e568f63421f8b3b9fa", "status": "affected", "versionType": "git"}, {"version": "1e51764a3c2ac05a23a22b2a95ddee4d9bffb16d", "lessThan": "26ec45f1c504e15268383019df139d7983f1e67f", "status": "affected", "versionType": "git"}, {"version": "1e51764a3c2ac05a23a22b2a95ddee4d9bffb16d", "lessThan": "e11f36d3bc4d23f620754a948fe7b82b63dcb185", "status": "affected", "versionType": "git"}, {"version": "1e51764a3c2ac05a23a22b2a95ddee4d9bffb16d", "lessThan": "4a1ff3c5d04b9079b4f768d9a71b51c4af578dd2", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/ubifs/super.c"], "versions": [{"version": "2.6.27", "status": "affected"}, {"version": "0", "lessThan": "2.6.27", "status": "unaffected", "versionType": "semver"}, {"version": "5.4.235", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.173", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.100", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.18", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.2.5", "lessThanOrEqual": "6.2.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.3", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.27", "versionEndExcluding": "5.4.235"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.27", "versionEndExcluding": "5.10.173"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.27", "versionEndExcluding": "5.15.100"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.27", "versionEndExcluding": "6.1.18"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.27", "versionEndExcluding": "6.2.5"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.27", "versionEndExcluding": "6.3"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/1f206002c6bc302bface871ef3f72c0bbcaa931c"}, {"url": "https://git.kernel.org/stable/c/bf50229494f0443b3f08427d7df63e5a7e2a796a"}, {"url": "https://git.kernel.org/stable/c/3e29634eb56e6547272fe4e568f63421f8b3b9fa"}, {"url": "https://git.kernel.org/stable/c/26ec45f1c504e15268383019df139d7983f1e67f"}, {"url": "https://git.kernel.org/stable/c/e11f36d3bc4d23f620754a948fe7b82b63dcb185"}, {"url": "https://git.kernel.org/stable/c/4a1ff3c5d04b9079b4f768d9a71b51c4af578dd2"}], "title": "ubifs: Fix memory leak in alloc_wbufs()", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "4BE762D6-5ED1-42B3-9E57-0ED017DD275F", "versionEndExcluding": "5.4.235", "versionStartIncluding": "2.6.27", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "4D810CFB-B7C5-493C-B98A-0D5F0D8A47B6", "versionEndExcluding": "5.10.173", "versionStartIncluding": "5.5", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "6D7E5BB5-018B-46B7-A2C4-1ADB75099822", "versionEndExcluding": "5.15.100", "versionStartIncluding": "5.11", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "C8D24FD5-5A98-4042-9419-39DCFCBEFFF5", "versionEndExcluding": "6.1.18", "versionStartIncluding": "5.16", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "0575B33B-A320-4E51-84CA-10C937341E02", "versionEndExcluding": "6.2.5", "versionStartIncluding": "6.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nubifs: Fix memory leak in alloc_wbufs()\n\nkmemleak reported a sequence of memory leaks, and show them as following:\n\n unreferenced object 0xffff8881575f8400 (size 1024):\n comm \"mount\", pid 19625, jiffies 4297119604 (age 20.383s)\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace:\n [<ffffffff8176cecd>] __kmalloc+0x4d/0x150\n [<ffffffffa0406b2b>] ubifs_mount+0x307b/0x7170 [ubifs]\n [<ffffffff819fa8fd>] legacy_get_tree+0xed/0x1d0\n [<ffffffff81936f2d>] vfs_get_tree+0x7d/0x230\n [<ffffffff819b2bd4>] path_mount+0xdd4/0x17b0\n [<ffffffff819b37aa>] __x64_sys_mount+0x1fa/0x270\n [<ffffffff83c14295>] do_syscall_64+0x35/0x80\n [<ffffffff83e0006a>] entry_SYSCALL_64_after_hwframe+0x46/0xb0\n\n unreferenced object 0xffff8881798a6e00 (size 512):\n comm \"mount\", pid 19677, jiffies 4297121912 (age 37.816s)\n hex dump (first 32 bytes):\n 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk\n 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk\n backtrace:\n [<ffffffff8176cecd>] __kmalloc+0x4d/0x150\n [<ffffffffa0418342>] ubifs_wbuf_init+0x52/0x480 [ubifs]\n [<ffffffffa0406ca5>] ubifs_mount+0x31f5/0x7170 [ubifs]\n [<ffffffff819fa8fd>] legacy_get_tree+0xed/0x1d0\n [<ffffffff81936f2d>] vfs_get_tree+0x7d/0x230\n [<ffffffff819b2bd4>] path_mount+0xdd4/0x17b0\n [<ffffffff819b37aa>] __x64_sys_mount+0x1fa/0x270\n [<ffffffff83c14295>] do_syscall_64+0x35/0x80\n [<ffffffff83e0006a>] entry_SYSCALL_64_after_hwframe+0x46/0xb0\n\nThe problem is that the ubifs_wbuf_init() returns an error in the\nloop which in the alloc_wbufs(), then the wbuf->buf and wbuf->inodes\nthat were successfully alloced before are not freed.\n\nFix it by adding error hanging path in alloc_wbufs() which frees\nthe memory alloced before when ubifs_wbuf_init() returns an error."}], "id": "CVE-2023-53468", "lastModified": "2026-01-20T15:52:36.877", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2025-10-01T12:15:48.830", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/1f206002c6bc302bface871ef3f72c0bbcaa931c"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/26ec45f1c504e15268383019df139d7983f1e67f"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/3e29634eb56e6547272fe4e568f63421f8b3b9fa"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/4a1ff3c5d04b9079b4f768d9a71b51c4af578dd2"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/bf50229494f0443b3f08427d7df63e5a7e2a796a"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/e11f36d3bc4d23f620754a948fe7b82b63dcb185"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-401"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: ubifs: Fix memory leak in alloc_wbufs()", "id": "2400752", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2400752"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "details": ["In the Linux kernel, the following vulnerability has been resolved:\nubifs: Fix memory leak in alloc_wbufs()\nkmemleak reported a sequence of memory leaks, and show them as following:\nunreferenced object 0xffff8881575f8400 (size 1024):\ncomm \"mount\", pid 19625, jiffies 4297119604 (age 20.383s)\nhex dump (first 32 bytes):\n00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\nbacktrace:\n[<ffffffff8176cecd>] __kmalloc+0x4d/0x150\n[<ffffffffa0406b2b>] ubifs_mount+0x307b/0x7170 [ubifs]\n[<ffffffff819fa8fd>] legacy_get_tree+0xed/0x1d0\n[<ffffffff81936f2d>] vfs_get_tree+0x7d/0x230\n[<ffffffff819b2bd4>] path_mount+0xdd4/0x17b0\n[<ffffffff819b37aa>] __x64_sys_mount+0x1fa/0x270\n[<ffffffff83c14295>] do_syscall_64+0x35/0x80\n[<ffffffff83e0006a>] entry_SYSCALL_64_after_hwframe+0x46/0xb0\nunreferenced object 0xffff8881798a6e00 (size 512):\ncomm \"mount\", pid 19677, jiffies 4297121912 (age 37.816s)\nhex dump (first 32 bytes):\n6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk\n6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk\nbacktrace:\n[<ffffffff8176cecd>] __kmalloc+0x4d/0x150\n[<ffffffffa0418342>] ubifs_wbuf_init+0x52/0x480 [ubifs]\n[<ffffffffa0406ca5>] ubifs_mount+0x31f5/0x7170 [ubifs]\n[<ffffffff819fa8fd>] legacy_get_tree+0xed/0x1d0\n[<ffffffff81936f2d>] vfs_get_tree+0x7d/0x230\n[<ffffffff819b2bd4>] path_mount+0xdd4/0x17b0\n[<ffffffff819b37aa>] __x64_sys_mount+0x1fa/0x270\n[<ffffffff83c14295>] do_syscall_64+0x35/0x80\n[<ffffffff83e0006a>] entry_SYSCALL_64_after_hwframe+0x46/0xb0\nThe problem is that the ubifs_wbuf_init() returns an error in the\nloop which in the alloc_wbufs(), then the wbuf->buf and wbuf->inodes\nthat were successfully alloced before are not freed.\nFix it by adding error hanging path in alloc_wbufs() which frees\nthe memory alloced before when ubifs_wbuf_init() returns an error."], "name": "CVE-2023-53468", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:rhivos:1", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat In-Vehicle Operating System 1"}], "public_date": "2025-10-01T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-53468\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-53468\nhttps://lore.kernel.org/linux-cve-announce/2025100109-CVE-2023-53468-8dea@gregkh/T"], "threat_severity": "Low"}

{"created": "2025-10-02T08:39:49.427849+00:00", "updated": "2025-10-02T08:39:49.427910+00:00", "vendors": ["linux", "linux$PRODUCT$linux_kernel"]}