In the Linux kernel, the following vulnerability has been resolved:
SUNRPC: fix a memleak in gss_import_v2_context
The ctx->mech_used.data buffer allocated by kmemdup is freed neither in gss_import_v2_context nor in its only caller, gss_krb5_import_sec_context, which frees ctx on error. The buffer is therefore leaked whenever the import fails.
Thus, this patch reworks the final call in gss_import_v2_context, the call to gss_krb5_import_ctx_v2, preventing the memleak while keeping the return format.
[
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e67b652d8e8591d3b1e569dbcdfcee15993e91fa",
"target": {
"file": "net/sunrpc/auth_gss/gss_krb5_mech.c"
},
"digest": {
"line_hashes": [
"173506516816324947173723450724157025787",
"3034335118138879059068312480021034585",
"99919332928848975673383368139348052973",
"332317091624075693956511099886703726643",
"289683564644458540335370302926211646780",
"276807936675439500898209930596972491673",
"54216779299783857196709998929477266415",
"68532023785045782728477247344711864507"
],
"threshold": 0.9
},
"deprecated": false,
"signature_type": "Line",
"id": "CVE-2023-52653-05de2ac6",
"signature_version": "v1"
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e67b652d8e8591d3b1e569dbcdfcee15993e91fa",
"target": {
"function": "gss_import_v2_context",
"file": "net/sunrpc/auth_gss/gss_krb5_mech.c"
},
"digest": {
"function_hash": "292519427885456730289565905920180027460",
"length": 1767.0
},
"deprecated": false,
"signature_type": "Function",
"id": "CVE-2023-52653-3be1d878",
"signature_version": "v1"
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d111e30d9cd846bb368faf3637dc0f71fcbcf822",
"target": {
"file": "net/sunrpc/auth_gss/gss_krb5_mech.c"
},
"digest": {
"line_hashes": [
"173506516816324947173723450724157025787",
"3034335118138879059068312480021034585",
"99919332928848975673383368139348052973",
"332317091624075693956511099886703726643",
"289683564644458540335370302926211646780",
"276807936675439500898209930596972491673",
"54216779299783857196709998929477266415",
"68532023785045782728477247344711864507"
],
"threshold": 0.9
},
"deprecated": false,
"signature_type": "Line",
"id": "CVE-2023-52653-3f4dfdee",
"signature_version": "v1"
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@99044c01ed5329e73651c054d8a4baacdbb1a27c",
"target": {
"function": "gss_import_v2_context",
"file": "net/sunrpc/auth_gss/gss_krb5_mech.c"
},
"digest": {
"function_hash": "292519427885456730289565905920180027460",
"length": 1767.0
},
"deprecated": false,
"signature_type": "Function",
"id": "CVE-2023-52653-5dcc61a6",
"signature_version": "v1"
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d111e30d9cd846bb368faf3637dc0f71fcbcf822",
"target": {
"function": "gss_import_v2_context",
"file": "net/sunrpc/auth_gss/gss_krb5_mech.c"
},
"digest": {
"function_hash": "292519427885456730289565905920180027460",
"length": 1767.0
},
"deprecated": false,
"signature_type": "Function",
"id": "CVE-2023-52653-82bea2ee",
"signature_version": "v1"
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@99044c01ed5329e73651c054d8a4baacdbb1a27c",
"target": {
"file": "net/sunrpc/auth_gss/gss_krb5_mech.c"
},
"digest": {
"line_hashes": [
"173506516816324947173723450724157025787",
"3034335118138879059068312480021034585",
"99919332928848975673383368139348052973",
"332317091624075693956511099886703726643",
"289683564644458540335370302926211646780",
"276807936675439500898209930596972491673",
"54216779299783857196709998929477266415",
"68532023785045782728477247344711864507"
],
"threshold": 0.9
},
"deprecated": false,
"signature_type": "Line",
"id": "CVE-2023-52653-ad272818",
"signature_version": "v1"
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@47ac11db93e74ac49cd6c3fc69bcbc5964c4a8b4",
"target": {
"file": "net/sunrpc/auth_gss/gss_krb5_mech.c"
},
"digest": {
"line_hashes": [
"173506516816324947173723450724157025787",
"3034335118138879059068312480021034585",
"99919332928848975673383368139348052973",
"332317091624075693956511099886703726643",
"289683564644458540335370302926211646780",
"276807936675439500898209930596972491673",
"54216779299783857196709998929477266415",
"68532023785045782728477247344711864507"
],
"threshold": 0.9
},
"deprecated": false,
"signature_type": "Line",
"id": "CVE-2023-52653-d20eccea",
"signature_version": "v1"
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@47ac11db93e74ac49cd6c3fc69bcbc5964c4a8b4",
"target": {
"function": "gss_import_v2_context",
"file": "net/sunrpc/auth_gss/gss_krb5_mech.c"
},
"digest": {
"function_hash": "292519427885456730289565905920180027460",
"length": 1767.0
},
"deprecated": false,
"signature_type": "Function",
"id": "CVE-2023-52653-dfd55def",
"signature_version": "v1"
}
]