CVE & CISA-KEV Catalog

CVE-2023-53489

MEDIUM
5.5
CVSS v3
NVD

Description

In the Linux kernel, the following vulnerability has been resolved: tcp/udp: Fix memleaks of sk and zerocopy skbs with TX timestamp. syzkaller reported [0] memory leaks of an UDP socket and ZEROCOPY skbs. We can reproduce the problem with these sequences: sk = socket(AF_INET, SOCK_DGRAM, 0) sk.setsockopt(SOL_SOCKET, SO_TIMESTAMPING, SOF_TIMESTAMPING_TX_SOFTWARE) sk.setsockopt(SOL_SOCKET, SO_ZEROCOPY, 1) sk.sendto(b'', MSG_ZEROCOPY, ('127.0.0.1', 53)) sk.close() sendmsg() calls msg_zerocopy_alloc(), which allocates a skb, sets skb->cb->ubuf.refcnt to 1, and calls sock_hold(). Here, struct ubuf_info_msgzc indirectly holds a refcnt of the socket. When the skb is sent, __skb_tstamp_tx() clones it and puts the clone into the socket's error queue with the TX timestamp. When the original skb is received locally, skb_copy_ubufs() calls skb_unclone(), and pskb_expand_head() increments skb->cb->ubuf.refcnt. This additional count is decremented while freeing the skb, but struct ubuf_info_msgzc still has a refcnt, so __msg_zerocopy_callback() is not called. The last refcnt is not released unless we retrieve the TX timestamped skb by recvmsg(). Since we clear the error queue in inet_sock_destruct() after the socket's refcnt reaches 0, there is a circular dependency. If we close() the socket holding such skbs, we never call sock_put() and leak the count, sk, and skb. TCP has the same problem, and commit e0c8bccd40fc ("net: stream: purge sk_error_queue in sk_stream_kill_queues()") tried to fix it by calling skb_queue_purge() during close(). However, there is a small chance that skb queued in a qdisc or device could be put into the error queue after the skb_queue_purge() call. In __skb_tstamp_tx(), the cloned skb should not have a reference to the ubuf to remove the circular dependency, but skb_clone() does not call skb_copy_ubufs() for zerocopy skb. So, we need to call skb_orphan_frags_rx() for the cloned skb to call skb_copy_ubufs(). [0]: BUG: memory leak unreferenced object 0xffff88800c6d2d00 (size 1152): comm "syz-executor392", pid 264, jiffies 4294785440 (age 13.044s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 cd af e8 81 00 00 00 00 ................ 02 00 07 40 00 00 00 00 00 00 00 00 00 00 00 00 ...@............ backtrace: [<0000000055636812>] sk_prot_alloc+0x64/0x2a0 net/core/sock.c:2024 [<0000000054d77b7a>] sk_alloc+0x3b/0x800 net/core/sock.c:2083 [<0000000066f3c7e0>] inet_create net/ipv4/af_inet.c:319 [inline] [<0000000066f3c7e0>] inet_create+0x31e/0xe40 net/ipv4/af_inet.c:245 [<000000009b83af97>] __sock_create+0x2ab/0x550 net/socket.c:1515 [<00000000b9b11231>] sock_create net/socket.c:1566 [inline] [<00000000b9b11231>] __sys_socket_create net/socket.c:1603 [inline] [<00000000b9b11231>] __sys_socket_create net/socket.c:1588 [inline] [<00000000b9b11231>] __sys_socket+0x138/0x250 net/socket.c:1636 [<000000004fb45142>] __do_sys_socket net/socket.c:1649 [inline] [<000000004fb45142>] __se_sys_socket net/socket.c:1647 [inline] [<000000004fb45142>] __x64_sys_socket+0x73/0xb0 net/socket.c:1647 [<0000000066999e0e>] do_syscall_x64 arch/x86/entry/common.c:50 [inline] [<0000000066999e0e>] do_syscall_64+0x38/0x90 arch/x86/entry/common.c:80 [<0000000017f238c1>] entry_SYSCALL_64_after_hwframe+0x63/0xcd BUG: memory leak unreferenced object 0xffff888017633a00 (size 240): comm "syz-executor392", pid 264, jiffies 4294785440 (age 13.044s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 2d 6d 0c 80 88 ff ff .........-m..... backtrace: [<000000002b1c4368>] __alloc_skb+0x229/0x320 net/core/skbuff.c:497 [<00000000143579a6>] alloc_skb include/linux/skbuff.h:1265 [inline] [<00000000143579a6>] sock_omalloc+0xaa/0x190 net/core/sock.c:2596 [<00000000be626478>] msg_zerocopy_alloc net/core/skbuff.c:1294 [inline] [<00000000be626478>] ---truncated---

How to fix

Remediation Available
linuxDebian
Fixed in:5.10.191-1CVE-2023-53489
Fixed in:6.1.37-1CVE-2023-53489
Fixed in:6.3.7-1CVE-2023-53489
Fixed in:6.3.7-1CVE-2023-53489
bpftoolRocky
Fixed in:0:7.2.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:7.2.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:7.2.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:7.2.0-362.8.1.el9_3RHSA-2023:6583
bpftoolRed Hat / RHEL
Fixed in:0:7.2.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:7.2.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:7.2.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:7.2.0-362.8.1.el9_3RHSA-2023:6583
bpftool-debuginfoRocky
Fixed in:0:7.2.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:7.2.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:7.2.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:7.2.0-362.8.1.el9_3RHSA-2023:6583
bpftool-debuginfoRed Hat / RHEL
Fixed in:0:7.2.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:7.2.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:7.2.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:7.2.0-362.8.1.el9_3RHSA-2023:6583
kernelRed Hat / RHEL
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernelRocky
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-64kRed Hat / RHEL
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-64kRocky
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-64k-coreRed Hat / RHEL
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-64k-coreRocky
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-64k-debugRocky
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-64k-debugRed Hat / RHEL
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-64k-debug-coreRocky
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-64k-debug-coreRed Hat / RHEL
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-64k-debug-debuginfoRocky
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-64k-debug-debuginfoRed Hat / RHEL
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-64k-debug-develRocky
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-64k-debug-develRed Hat / RHEL
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-64k-debug-devel-matchedRocky
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-64k-debug-devel-matchedRed Hat / RHEL
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-64k-debug-modulesRocky
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-64k-debug-modulesRed Hat / RHEL
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-64k-debug-modules-coreRed Hat / RHEL
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-64k-debug-modules-coreRocky
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-64k-debug-modules-extraRocky
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-64k-debug-modules-extraRed Hat / RHEL
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-64k-debuginfoRocky
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-64k-debuginfoRed Hat / RHEL
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-64k-develRed Hat / RHEL
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-64k-develRocky
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-64k-devel-matchedRed Hat / RHEL
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-64k-devel-matchedRocky
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-64k-modulesRocky
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-64k-modulesRed Hat / RHEL
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-64k-modules-coreRocky
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-64k-modules-coreRed Hat / RHEL
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-64k-modules-extraRocky
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-64k-modules-extraRed Hat / RHEL
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-abi-stablelistsRed Hat / RHEL
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-abi-stablelistsRocky
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-coreRed Hat / RHEL
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-coreRocky
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-debugRocky
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-debugRed Hat / RHEL
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-debug-coreRocky
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-debug-coreRed Hat / RHEL
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-debug-debuginfoRocky
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-debug-debuginfoRed Hat / RHEL
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-debug-develRed Hat / RHEL
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-debug-develRocky
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-debug-devel-matchedRocky
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-debug-devel-matchedRed Hat / RHEL
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-debug-modulesRed Hat / RHEL
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-debug-modulesRocky
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-debug-modules-coreRocky
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-debug-modules-coreRed Hat / RHEL
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-debug-modules-extraRocky
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-debug-modules-extraRed Hat / RHEL
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-debug-uki-virtRed Hat / RHEL
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-debug-uki-virtRocky
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-debuginfoRocky
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-debuginfoRed Hat / RHEL
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-debuginfo-common-aarch64Rocky
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-debuginfo-common-aarch64Red Hat / RHEL
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-debuginfo-common-ppc64leRed Hat / RHEL
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-debuginfo-common-ppc64leRocky
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-debuginfo-common-s390xRocky
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-debuginfo-common-s390xRed Hat / RHEL
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-debuginfo-common-x86_64Red Hat / RHEL
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-debuginfo-common-x86_64Rocky
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-develRed Hat / RHEL
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-develRocky
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-devel-matchedRocky
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-devel-matchedRed Hat / RHEL
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-docRocky
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-docRed Hat / RHEL
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-modulesRed Hat / RHEL
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-modulesRocky
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-modules-coreRocky
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-modules-coreRed Hat / RHEL
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-modules-extraRocky
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-modules-extraRed Hat / RHEL
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-rtRocky
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-rtRed Hat / RHEL
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-rt-coreRocky
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-rt-coreRed Hat / RHEL
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-rt-debugRocky
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-rt-debugRed Hat / RHEL
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-rt-debug-coreRed Hat / RHEL
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-rt-debug-coreRocky
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-rt-debug-debuginfoRed Hat / RHEL
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-rt-debug-debuginfoRocky
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-rt-debug-develRed Hat / RHEL
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-rt-debug-develRocky
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-rt-debug-kvmRed Hat / RHEL
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-rt-debug-kvmRocky
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-rt-debug-modulesRed Hat / RHEL
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-rt-debug-modulesRocky
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-rt-debug-modules-coreRocky
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-rt-debug-modules-coreRed Hat / RHEL
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-rt-debug-modules-extraRed Hat / RHEL
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-rt-debug-modules-extraRocky
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-rt-debuginfoRocky
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-rt-debuginfoRed Hat / RHEL
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-rt-develRed Hat / RHEL
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-rt-develRocky
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-rt-kvmRocky
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-rt-kvmRed Hat / RHEL
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-rt-modulesRocky
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-rt-modulesRed Hat / RHEL
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-rt-modules-coreRocky
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-rt-modules-coreRed Hat / RHEL
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-rt-modules-extraRocky
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-rt-modules-extraRed Hat / RHEL
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-toolsRocky
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-toolsRed Hat / RHEL
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-tools-debuginfoRed Hat / RHEL
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-tools-debuginfoRocky
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-tools-libsRed Hat / RHEL
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-tools-libsRocky
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-tools-libs-develRed Hat / RHEL
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-tools-libs-develRocky
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-uki-virtRocky
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-uki-virtRed Hat / RHEL
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-zfcpdumpRed Hat / RHEL
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-zfcpdumpRocky
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-zfcpdump-coreRocky
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-zfcpdump-coreRed Hat / RHEL
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-zfcpdump-debuginfoRed Hat / RHEL
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-zfcpdump-debuginfoRocky
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-zfcpdump-develRocky
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-zfcpdump-develRed Hat / RHEL
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-zfcpdump-devel-matchedRocky
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-zfcpdump-devel-matchedRed Hat / RHEL
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-zfcpdump-modulesRed Hat / RHEL
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-zfcpdump-modulesRocky
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-zfcpdump-modules-coreRocky
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-zfcpdump-modules-coreRed Hat / RHEL
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-zfcpdump-modules-extraRocky
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
kernel-zfcpdump-modules-extraRed Hat / RHEL
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
libperfRed Hat / RHEL
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
libperfRocky
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
libperf-debuginfoRocky
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
libperf-debuginfoRed Hat / RHEL
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
perfRed Hat / RHEL
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
perfRocky
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
perf-debuginfoRed Hat / RHEL
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
perf-debuginfoRocky
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
python3-perfRocky
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
python3-perfRed Hat / RHEL
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
python3-perf-debuginfoRed Hat / RHEL
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
python3-perf-debuginfoRocky
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
rtlaRocky
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
rtlaRed Hat / RHEL
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
rvRed Hat / RHEL
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
rvRocky
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583
Fixed in:0:5.14.0-362.8.1.el9_3RHSA-2023:6583

Remediation is compiled from vendor and distribution security advisories. Always confirm against the linked source for your exact version and platform.

CVSS v3 Vector

Exploitability

Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged

Impact

ConfidentialityNone
IntegrityNone
AvailabilityHigh

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Exploit Intelligence

0.15%probability of exploitation in 30 days
4thpercentile

Low risk: more likely to be exploited than 4% of all known CVEs.

References

Related Vulnerabilities

Other CWE-401 (Missing Release of Memory (Memory Leak)) vulnerabilities, ordered by exploit likelihood. View all

CVESeverityCVSSEPSSExploitedFix
CVE-2020-13934High7.564%-Fix
CVE-2016-6304High7.563%-Fix
CVE-2019-12265Medium5.355%-Fix
CVE-2001-0136Medium5.045%--
CVE-2016-4232High7.536%--
CVE-2001-0543Medium5.021%--
Embed a live status badge for CVE-2023-53489
CVE-2023-53489 severity badge

Markdown

[![CVE-2023-53489](https://tridentstack.com/cve/badge/CVE-2023-53489.svg)](https://tridentstack.com/cve/CVE-2023-53489)

HTML

<a href="https://tridentstack.com/cve/CVE-2023-53489"><img src="https://tridentstack.com/cve/badge/CVE-2023-53489.svg" alt="CVE-2023-53489"></a>

Find and fix vulnerabilities across your fleet

TridentStack Control continuously scans your Windows, macOS, and Linux fleet for known vulnerabilities, prioritizes them by severity and active exploitation, and patches them automatically.

Start free

This product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2026-01-21.