CVE-2023-53276
Published: Sep 16, 2025
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: ubifs: Free memory for tmpfile name When opening a ubifs tmpfile on an encrypted directory, function fscrypt_setup_filename allocates memory for the name that is to be stored in the directory entry, but after the name has been copied to the directory entry inode, the memory is not freed. When running kmemleak on it we see that it is registered as a leak. The report below is triggered by a simple program 'tmpfile' just opening a tmpfile: unreferenced object 0xffff88810178f380 (size 32): comm "tmpfile", pid 509, jiffies 4294934744 (age 1524.742s) backtrace: __kmem_cache_alloc_node __kmalloc fscrypt_setup_filename ubifs_tmpfile vfs_tmpfile path_openat Free this memory after it has been copied to the inode.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected f4f61d2cc6d8789a52245a4733b3e5643be154f3 - < 8ad8c67a897e68426e85990ebfe0a7d1f71fc79faffected f4f61d2cc6d8789a52245a4733b3e5643be154f3 - < 107d481642c356a5668058066360fc473911e628affected f4f61d2cc6d8789a52245a4733b3e5643be154f3 - < 823f554747f8aafaa965fb2f3ae794110ed429efaffected f4f61d2cc6d8789a52245a4733b3e5643be154f3 - < b8f444a4fadfb5070ed7e298e0a5ceb4a18014f3affected f4f61d2cc6d8789a52245a4733b3e5643be154f3 - < ce840284929b75dbbf062e0ce7fcb78a63b08b5e+4 more versions |
Linux | Linux | affected 4.10unaffected 0 - < 4.10unaffected 4.14.315 - <= 4.14.*unaffected 4.19.283 - <= 4.19.*unaffected 5.4.243 - <= 5.4.*+6 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now