CVE-2023-54041

Published: Dec 24, 2025

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: io_uring: fix memory leak when removing provided buffers When removing provided buffers, io_buffer structs are not being disposed of, leading to a memory leak. They can't be freed individually, because they are allocated in page-sized groups. They need to be added to some free list instead, such as io_buffers_cache. All callers already hold the lock protecting it, apart from when destroying buffers, so had to extend the lock there.

Vendor	Product	Versions
Linux	Linux	affected `cc3cec8367cba76a8ae4c271eba8450f3efc1ba3 - < ac48787f58d1068f4e06d627c1135784d64b4c72` affected `cc3cec8367cba76a8ae4c271eba8450f3efc1ba3 - < c117c15927772d1624c29c092b6bd3f47c7faa48` affected `cc3cec8367cba76a8ae4c271eba8450f3efc1ba3 - < b4a72c0589fdea6259720375426179888969d6a2`
Linux	Linux	affected `5.18` unaffected `0 - < 5.18` unaffected `6.1.24 - <= 6.1.` unaffected `6.2.11 - <= 6.2.` unaffected `6.3 - <= *`

References

https://git.kernel.org/stable/c/ac48787f58d1068f4e06d627c1135784d64b4c72

https://git.kernel.org/stable/c/c117c15927772d1624c29c092b6bd3f47c7faa48

https://git.kernel.org/stable/c/b4a72c0589fdea6259720375426179888969d6a2

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2023-54041

Description

Affected Products

References