CVE-2023-54091

Published: Dec 24, 2025

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: drm/client: Fix memory leak in drm_client_target_cloned dmt_mode is allocated and never freed in this function. It was found with the ast driver, but most drivers using generic fbdev setup are probably affected. This fixes the following kmemleak report: backtrace: [<00000000b391296d>] drm_mode_duplicate+0x45/0x220 [drm] [<00000000e45bb5b3>] drm_client_target_cloned.constprop.0+0x27b/0x480 [drm] [<00000000ed2d3a37>] drm_client_modeset_probe+0x6bd/0xf50 [drm] [<0000000010e5cc9d>] __drm_fb_helper_initial_config_and_unlock+0xb4/0x2c0 [drm_kms_helper] [<00000000909f82ca>] drm_fbdev_client_hotplug+0x2bc/0x4d0 [drm_kms_helper] [<00000000063a69aa>] drm_client_register+0x169/0x240 [drm] [<00000000a8c61525>] ast_pci_probe+0x142/0x190 [ast] [<00000000987f19bb>] local_pci_probe+0xdc/0x180 [<000000004fca231b>] work_for_cpu_fn+0x4e/0xa0 [<0000000000b85301>] process_one_work+0x8b7/0x1540 [<000000003375b17c>] worker_thread+0x70a/0xed0 [<00000000b0d43cd9>] kthread+0x29f/0x340 [<000000008d770833>] ret_from_fork+0x1f/0x30 unreferenced object 0xff11000333089a00 (size 128):

Vendor	Product	Versions
Linux	Linux	affected `1d42bbc8f7f9ce4d852692ef7aa336b133b0830a - < d3009700f48602b557eade1f22c98b6bc20247e8` affected `1d42bbc8f7f9ce4d852692ef7aa336b133b0830a - < a4b978249e8fa94956fce8b70a709f7797716f62` affected `1d42bbc8f7f9ce4d852692ef7aa336b133b0830a - < 52daf6ba2e0d201640cb1ce42049c5c4426b4d6e` affected `1d42bbc8f7f9ce4d852692ef7aa336b133b0830a - < 105275879a80503686a8108af2f5c579a1c5aef4` affected `1d42bbc8f7f9ce4d852692ef7aa336b133b0830a - < a85e23a1ef63e45a18f0a30d7816fcb4a865ca95` +3 more versions
Linux	Linux	affected `2.6.35` unaffected `0 - < 2.6.35` unaffected `4.14.322 - <= 4.14.` unaffected `4.19.291 - <= 4.19.` unaffected `5.4.251 - <= 5.4.*` +5 more versions