FKIE_CVE-2023-53852

Vulnerability from fkie_nvd - Published: 2025-12-09 16:17 - Updated: 2025-12-09 18:37
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved: nvme-core: fix memory leak in dhchap_secret_store Free dhchap_secret in nvme_ctrl_dhchap_secret_store() before we return fix following kmemleack:- unreferenced object 0xffff8886376ea800 (size 64): comm "check", pid 22048, jiffies 4344316705 (age 92.199s) hex dump (first 32 bytes): 44 48 48 43 2d 31 3a 30 30 3a 6e 78 72 35 4b 67 DHHC-1:00:nxr5Kg 75 58 34 75 6f 41 78 73 4a 61 34 63 2f 68 75 4c uX4uoAxsJa4c/huL backtrace: [<0000000030ce5d4b>] __kmalloc+0x4b/0x130 [<000000009be1cdc1>] nvme_ctrl_dhchap_secret_store+0x8f/0x160 [nvme_core] [<00000000ac06c96a>] kernfs_fop_write_iter+0x12b/0x1c0 [<00000000437e7ced>] vfs_write+0x2ba/0x3c0 [<00000000f9491baf>] ksys_write+0x5f/0xe0 [<000000001c46513d>] do_syscall_64+0x3b/0x90 [<00000000ecf348fe>] entry_SYSCALL_64_after_hwframe+0x72/0xdc unreferenced object 0xffff8886376eaf00 (size 64): comm "check", pid 22048, jiffies 4344316736 (age 92.168s) hex dump (first 32 bytes): 44 48 48 43 2d 31 3a 30 30 3a 6e 78 72 35 4b 67 DHHC-1:00:nxr5Kg 75 58 34 75 6f 41 78 73 4a 61 34 63 2f 68 75 4c uX4uoAxsJa4c/huL backtrace: [<0000000030ce5d4b>] __kmalloc+0x4b/0x130 [<000000009be1cdc1>] nvme_ctrl_dhchap_secret_store+0x8f/0x160 [nvme_core] [<00000000ac06c96a>] kernfs_fop_write_iter+0x12b/0x1c0 [<00000000437e7ced>] vfs_write+0x2ba/0x3c0 [<00000000f9491baf>] ksys_write+0x5f/0xe0 [<000000001c46513d>] do_syscall_64+0x3b/0x90 [<00000000ecf348fe>] entry_SYSCALL_64_after_hwframe+0x72/0xdc
References
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/2e9b141307554521d60fecf6bf1d2edc8dd0181d
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/6a5eda5017959541ab82c5d56bcf784b8294e298
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/a836ca33c5b07d34dd5347af9f64d25651d12674
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/c41ac086d2abaf7527a5685f9c0a1c209ab7e0aa
Impacted products
Vendor Product Version
To clipboard 

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvme-core: fix memory leak in dhchap_secret_store\n\nFree dhchap_secret in nvme_ctrl_dhchap_secret_store() before we return\nfix following kmemleack:-\n\nunreferenced object 0xffff8886376ea800 (size 64):\n  comm \"check\", pid 22048, jiffies 4344316705 (age 92.199s)\n  hex dump (first 32 bytes):\n    44 48 48 43 2d 31 3a 30 30 3a 6e 78 72 35 4b 67  DHHC-1:00:nxr5Kg\n    75 58 34 75 6f 41 78 73 4a 61 34 63 2f 68 75 4c  uX4uoAxsJa4c/huL\n  backtrace:\n    [\u003c0000000030ce5d4b\u003e] __kmalloc+0x4b/0x130\n    [\u003c000000009be1cdc1\u003e] nvme_ctrl_dhchap_secret_store+0x8f/0x160 [nvme_core]\n    [\u003c00000000ac06c96a\u003e] kernfs_fop_write_iter+0x12b/0x1c0\n    [\u003c00000000437e7ced\u003e] vfs_write+0x2ba/0x3c0\n    [\u003c00000000f9491baf\u003e] ksys_write+0x5f/0xe0\n    [\u003c000000001c46513d\u003e] do_syscall_64+0x3b/0x90\n    [\u003c00000000ecf348fe\u003e] entry_SYSCALL_64_after_hwframe+0x72/0xdc\nunreferenced object 0xffff8886376eaf00 (size 64):\n  comm \"check\", pid 22048, jiffies 4344316736 (age 92.168s)\n  hex dump (first 32 bytes):\n    44 48 48 43 2d 31 3a 30 30 3a 6e 78 72 35 4b 67  DHHC-1:00:nxr5Kg\n    75 58 34 75 6f 41 78 73 4a 61 34 63 2f 68 75 4c  uX4uoAxsJa4c/huL\n  backtrace:\n    [\u003c0000000030ce5d4b\u003e] __kmalloc+0x4b/0x130\n    [\u003c000000009be1cdc1\u003e] nvme_ctrl_dhchap_secret_store+0x8f/0x160 [nvme_core]\n    [\u003c00000000ac06c96a\u003e] kernfs_fop_write_iter+0x12b/0x1c0\n    [\u003c00000000437e7ced\u003e] vfs_write+0x2ba/0x3c0\n    [\u003c00000000f9491baf\u003e] ksys_write+0x5f/0xe0\n    [\u003c000000001c46513d\u003e] do_syscall_64+0x3b/0x90\n    [\u003c00000000ecf348fe\u003e] entry_SYSCALL_64_after_hwframe+0x72/0xdc"
    }
  ],
  "id": "CVE-2023-53852",
  "lastModified": "2025-12-09T18:37:13.640",
  "metrics": {},
  "published": "2025-12-09T16:17:25.797",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/2e9b141307554521d60fecf6bf1d2edc8dd0181d"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/6a5eda5017959541ab82c5d56bcf784b8294e298"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/a836ca33c5b07d34dd5347af9f64d25651d12674"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/c41ac086d2abaf7527a5685f9c0a1c209ab7e0aa"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Awaiting Analysis"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.