DEBIAN-CVE-2023-54154
- Source
- https://security-tracker.debian.org/tracker/CVE-2023-54154
- Import Source
- https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2023-54154.json
- JSON Data
- https://api.osv.dev/v1/vulns/DEBIAN-CVE-2023-54154
- Upstream
- Published
- 2025-12-24T13:16:17.407Z
- Modified
- 2025-12-25T11:01:09.698440Z
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved: scsi: target: core: Fix targetcmdcounter leak The targetcmdcounter struct allocated via targetalloccmdcounter() is never freed, resulting in leaks across various transport types, e.g.: unreferenced object 0xffff88801f920120 (size 96): comm "sh", pid 102, jiffies 4294892535 (age 713.412s) hex dump (first 32 bytes): 07 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 38 01 92 1f 80 88 ff ff ........8....... backtrace: [<00000000e58a6252>] kmalloctrace+0x11/0x20 [<0000000043af4b2f>] targetalloccmdcounter+0x17/0x90 [targetcoremod] [<000000007da2dfa7>] targetsetupsession+0x2d/0x140 [targetcoremod] [<0000000068feef86>] tcmlooptpgnexusstore+0x19b/0x350 [tcmloop] [<000000006a80e021>] configfswriteiter+0xb1/0x120 [<00000000e9f4d860>] vfswrite+0x2e4/0x3c0 [<000000008143433b>] ksyswrite+0x80/0xb0 [<00000000a7df29b2>] dosyscall64+0x42/0x90 [<0000000053f45fb8>] entrySYSCALL64afterhwframe+0x6e/0xd8 Free the structure alongside the corresponding iscsitconn / sesess parent.
- References
Affected packages
Debian:12 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed6.1.55-1
Debian:13 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:14 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source