CVE-2023-54146 (GCVE-0-2023-54146)
Vulnerability from cvelistv5
Published
2025-12-24 13:06
Modified
2025-12-24 13:06
Severity ?
VLAI Severity ?
EPSS score ?
Summary
In the Linux kernel, the following vulnerability has been resolved:
x86/kexec: Fix double-free of elf header buffer
After
b3e34a47f989 ("x86/kexec: fix memory leak of elf header buffer"),
freeing image->elf_headers in the error path of crash_load_segments()
is not needed because kimage_file_post_load_cleanup() will take
care of that later. And not clearing it could result in a double-free.
Drop the superfluous vfree() call at the error path of
crash_load_segments().
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Linux | Linux |
Version: 23cf39dccf7653650701a6f39b119e9116a27f1a Version: 8765a423a87d74ef24ea02b43b2728fe4039f248 Version: b3e34a47f98974d0844444c5121aaff123004e57 Version: b3e34a47f98974d0844444c5121aaff123004e57 Version: b3e34a47f98974d0844444c5121aaff123004e57 Version: 115ee42a4c2f26ba2b4ace2668a3f004621f6833 Version: f675e3a9189d84a9324ab45b0cb19906c2bc8fcb |
||
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"arch/x86/kernel/crash.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "4c71a552b97fb4f46eb300224434fe56fcf4f254",
"status": "affected",
"version": "23cf39dccf7653650701a6f39b119e9116a27f1a",
"versionType": "git"
},
{
"lessThan": "554a880a1fff46dd5a355dec21cd77d542a0ddf2",
"status": "affected",
"version": "8765a423a87d74ef24ea02b43b2728fe4039f248",
"versionType": "git"
},
{
"lessThan": "fbdbf8ac333d3d47c0d9ea81d7d445654431d100",
"status": "affected",
"version": "b3e34a47f98974d0844444c5121aaff123004e57",
"versionType": "git"
},
{
"lessThan": "5bd3c7abeb69fb4133418b846a1c6dc11313d6f0",
"status": "affected",
"version": "b3e34a47f98974d0844444c5121aaff123004e57",
"versionType": "git"
},
{
"lessThan": "d00dd2f2645dca04cf399d8fc692f3f69b6dd996",
"status": "affected",
"version": "b3e34a47f98974d0844444c5121aaff123004e57",
"versionType": "git"
},
{
"status": "affected",
"version": "115ee42a4c2f26ba2b4ace2668a3f004621f6833",
"versionType": "git"
},
{
"status": "affected",
"version": "f675e3a9189d84a9324ab45b0cb19906c2bc8fcb",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"arch/x86/kernel/crash.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.19"
},
{
"lessThan": "5.19",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.87",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.0.*",
"status": "unaffected",
"version": "6.0.19",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.5",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.2",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.87",
"versionStartIncluding": "5.15.46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.0.19",
"versionStartIncluding": "5.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.5",
"versionStartIncluding": "5.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.2",
"versionStartIncluding": "5.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.17.14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.18.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/kexec: Fix double-free of elf header buffer\n\nAfter\n\n b3e34a47f989 (\"x86/kexec: fix memory leak of elf header buffer\"),\n\nfreeing image-\u003eelf_headers in the error path of crash_load_segments()\nis not needed because kimage_file_post_load_cleanup() will take\ncare of that later. And not clearing it could result in a double-free.\n\nDrop the superfluous vfree() call at the error path of\ncrash_load_segments()."
}
],
"providerMetadata": {
"dateUpdated": "2025-12-24T13:06:58.904Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/4c71a552b97fb4f46eb300224434fe56fcf4f254"
},
{
"url": "https://git.kernel.org/stable/c/554a880a1fff46dd5a355dec21cd77d542a0ddf2"
},
{
"url": "https://git.kernel.org/stable/c/fbdbf8ac333d3d47c0d9ea81d7d445654431d100"
},
{
"url": "https://git.kernel.org/stable/c/5bd3c7abeb69fb4133418b846a1c6dc11313d6f0"
},
{
"url": "https://git.kernel.org/stable/c/d00dd2f2645dca04cf399d8fc692f3f69b6dd996"
}
],
"title": "x86/kexec: Fix double-free of elf header buffer",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2023-54146",
"datePublished": "2025-12-24T13:06:58.904Z",
"dateReserved": "2025-12-24T13:02:52.523Z",
"dateUpdated": "2025-12-24T13:06:58.904Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2023-54146\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2025-12-24T13:16:16.607\",\"lastModified\":\"2025-12-24T13:16:16.607\",\"vulnStatus\":\"Received\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nx86/kexec: Fix double-free of elf header buffer\\n\\nAfter\\n\\n b3e34a47f989 (\\\"x86/kexec: fix memory leak of elf header buffer\\\"),\\n\\nfreeing image-\u003eelf_headers in the error path of crash_load_segments()\\nis not needed because kimage_file_post_load_cleanup() will take\\ncare of that later. And not clearing it could result in a double-free.\\n\\nDrop the superfluous vfree() call at the error path of\\ncrash_load_segments().\"}],\"metrics\":{},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/4c71a552b97fb4f46eb300224434fe56fcf4f254\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/554a880a1fff46dd5a355dec21cd77d542a0ddf2\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/5bd3c7abeb69fb4133418b846a1c6dc11313d6f0\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/d00dd2f2645dca04cf399d8fc692f3f69b6dd996\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/fbdbf8ac333d3d47c0d9ea81d7d445654431d100\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}]}}"
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…