We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2023-52653

SUNRPC: fix a memleak in gss_import_v2_context



Description

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: fix a memleak in gss_import_v2_context The ctx->mech_used.data allocated by kmemdup is not freed in neither gss_import_v2_context nor it only caller gss_krb5_import_sec_context, which frees ctx on error. Thus, this patch reform the last call of gss_import_v2_context to the gss_krb5_import_ctx_v2, preventing the memleak while keepping the return formation.

Reserved 2024-03-06 | Published 2024-05-01 | Updated 2024-11-05 | Assigner Linux

Product status

Default status
unaffected

47d848077629 before 99044c01ed53
affected

47d848077629 before 47ac11db93e7
affected

47d848077629 before d111e30d9cd8
affected

47d848077629 before e67b652d8e85
affected

Default status
affected

2.6.35
affected

Any version before 2.6.35
unaffected

6.6.23
unaffected

6.7.11
unaffected

6.8.2
unaffected

6.9
unaffected

References

git.kernel.org/...c/99044c01ed5329e73651c054d8a4baacdbb1a27c

git.kernel.org/...c/47ac11db93e74ac49cd6c3fc69bcbc5964c4a8b4

git.kernel.org/...c/d111e30d9cd846bb368faf3637dc0f71fcbcf822

git.kernel.org/...c/e67b652d8e8591d3b1e569dbcdfcee15993e91fa

cve.org (CVE-2023-52653)

nvd.nist.gov (CVE-2023-52653)

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2023-52653

Support options

Helpdesk Chat, Email, Knowledgebase
Telegram Chat
Subscribe to our newsletter to learn more about our work.