CVE-2023-53008

MEDIUM

Linux Kernel < 6.1.9 - Memory Leak

Title source: rule

Description

In the Linux kernel, the following vulnerability has been resolved: cifs: fix potential memory leaks in session setup Make sure to free cifs_ses::auth_key.response before allocating it as we might end up leaking memory in reconnect or mounting.

References (2)

[Patch] https://git.kernel.org/stable/c/2fe58d977ee05da5bb89ef5dc4f5bf2dc15db46f

[Patch] https://git.kernel.org/stable/c/893d45394dbe4b5cbf3723c19e2ccc8b93a6ac9b

Scores

CVSS v3 5.5

EPSS 0.0007

EPSS Percentile 20.9%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Classification

CWE

CWE-401

Status published

Affected Products (4)

linux/linux_kernel < 6.1.9

linux/linux_kernel

Timeline

Published Mar 27, 2025

Tracked Since Feb 18, 2026