CVE-2023-53276
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-09-16

Last updated on: 2025-12-03

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: ubifs: Free memory for tmpfile name When opening a ubifs tmpfile on an encrypted directory, function fscrypt_setup_filename allocates memory for the name that is to be stored in the directory entry, but after the name has been copied to the directory entry inode, the memory is not freed. When running kmemleak on it we see that it is registered as a leak. The report below is triggered by a simple program 'tmpfile' just opening a tmpfile: unreferenced object 0xffff88810178f380 (size 32): comm "tmpfile", pid 509, jiffies 4294934744 (age 1524.742s) backtrace: __kmem_cache_alloc_node __kmalloc fscrypt_setup_filename ubifs_tmpfile vfs_tmpfile path_openat Free this memory after it has been copied to the inode.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-09-16
Last Modified
2025-12-03
Generated
2026-06-16
AI Q&A
2025-09-16
EPSS Evaluated
2026-06-15
NVD
CVE-2023-53276
Affected Vendors & Products
Showing 8 associated CPEs
Vendor Product Version / Range
linux linux_kernel to 4.14.315 (exc)
linux linux_kernel From 4.15 (inc) to 4.19.283 (exc)
linux linux_kernel From 4.20 (inc) to 5.4.243 (exc)
linux linux_kernel From 5.5 (inc) to 5.10.180 (exc)
linux linux_kernel From 5.11 (inc) to 5.15.111 (exc)
linux linux_kernel From 5.16 (inc) to 6.1.28 (exc)
linux linux_kernel From 6.2 (inc) to 6.2.15 (exc)
linux linux_kernel From 6.3 (inc) to 6.3.2 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-401 The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability occurs in the Linux kernel's ubifs subsystem when opening a temporary file (tmpfile) on an encrypted directory. The function fscrypt_setup_filename allocates memory for the filename to be stored in the directory entry, but after copying the name to the inode, it fails to free the allocated memory. This results in a memory leak, as the allocated memory remains unreferenced and is detected by the kernel memory leak detector (kmemleak).

Impact Analysis

The impact of this vulnerability is a memory leak in the Linux kernel when tmpfiles are opened on encrypted directories using ubifs. Over time, this could lead to increased memory usage and potentially degrade system performance or stability if many tmpfiles are opened without the leaked memory being freed.

Detection Guidance

This vulnerability can be detected by running kmemleak on the system. The kmemleak tool will report unreferenced memory objects related to the tmpfile operation in ubifs. For example, running a simple program that opens a ubifs tmpfile and monitoring kmemleak reports can help identify the memory leak. Specific commands include enabling kmemleak in the kernel and using 'echo scan > /sys/kernel/debug/kmemleak' to trigger a scan, then 'cat /sys/kernel/debug/kmemleak' to view reports.

Mitigation Strategies

Immediate mitigation involves updating the Linux kernel to a version where this vulnerability is fixed, as the issue is resolved by freeing the allocated memory after it has been copied to the inode. Until then, monitoring with kmemleak can help detect the issue, but no other direct mitigation steps are provided.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2023-53276. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart