5 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-53136
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: afunix: fix struct pid leaks in OOB support syzbot reported struct pid leak 1. Issue is that...
CVE-2023-53136
In the Linux kernel, the following vulnerability has been resolved: afunix: fix struct pid leaks in OOB support syzbot reported struct pid leak 1. Issue is that queueoob calls maybeaddcreds which potentially holds a reference on a pid. But skb-destructor is not set either directly or by calling...
CVE-2023-53136
creationtimestamp| type| source ---|---|--- 2025-05-02 17:34:23+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lo7c2rn4lv72 2025-05-02 20:06:12+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lo7mr5bgbu2n 2025-05-02...
CVE-2023-53136
CVE-2023-53136 concerns a Linux kernel af_unix memory leak in OOB support. The root cause is that queue_oob() may hold a reference on a pid via maybe_add_creds(), while skb->destructor is not set (directly or via unix_scm_to_skb()), allowing the reference to be leaked when the skb is freed. Sy...
CVE-2023-53136 af_unix: fix struct pid leaks in OOB support
In the Linux kernel, the following vulnerability has been resolved: afunix: fix struct pid leaks in OOB support syzbot reported struct pid leak 1. Issue is that queueoob calls maybeaddcreds which potentially holds a reference on a pid. But skb-destructor is not set either directly or by calling...