CVE-2023-53350

MEDIUM

Linux Kernel 6.4-6.4.12 - Use-After-Free in QAIC Accelerator Slicing Configuration

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Fix slicing memory leak The temporary buffer storing slicing configuration data from user is only freed on error. This is a memory leak. Free the buffer unconditionally.

References (2)

Core 2

Core References

Patch

https://git.kernel.org/stable/c/df45c3e46cdb41f486eecb4277fbcc4c1ffbf9be

Patch

https://git.kernel.org/stable/c/2d956177b7c96e62fac762a3b7da4318cde27a73

Scores

CVSS v3 5.5

EPSS 0.0017

EPSS Percentile 6.3%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-401

Status published

Products (8)

Linux/Linux < 6.4

Linux/Linux 6.4

Linux/Linux 6.4.12 - 6.4.*

Linux/Linux 6.5

Linux/Linux ff13be8303336ead5621712f2c55012d738878b5 - 2d956177b7c96e62fac762a3b7da4318cde27a73

Linux/Linux ff13be8303336ead5621712f2c55012d738878b5 - df45c3e46cdb41f486eecb4277fbcc4c1ffbf9be

linux/linux_kernel 6.5 rc1 (6 CPE variants)

linux/linux_kernel 6.4 - 6.4.12

Published Sep 17, 2025

Tracked Since Feb 18, 2026