CVE-2023-53423
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-09-18
Last updated on: 2025-12-11
Assigner: kernel.org
Description
Description
In the Linux kernel, the following vulnerability has been resolved:
objtool: Fix memory leak in create_static_call_sections()
strdup() allocates memory for key_name. We need to release the memory in
the following error paths. Add free() to avoid memory leak.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | From 5.10 (inc) to 5.10.173 (exc) |
| linux | linux_kernel | From 5.11 (inc) to 5.15.100 (exc) |
| linux | linux_kernel | From 5.16 (inc) to 6.1.18 (exc) |
| linux | linux_kernel | From 6.2 (inc) to 6.2.5 (exc) |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-401 | The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a memory leak in the Linux kernel's objtool component, specifically in the create_static_call_sections() function. The issue occurs because memory allocated by strdup() for key_name is not properly freed in certain error paths. The fix involves adding free() calls to release this memory and prevent the leak.
How can this vulnerability impact me? :
The memory leak could lead to increased memory usage over time, potentially causing system instability or degraded performance if the leak occurs frequently or in critical environments.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70