#VU115832 Memory leak in Linux kernel - CVE-2023-53436
Published: September 19, 2025 / Updated: September 22, 2025
Vulnerability identifier: #VU115832
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2023-53436
CWE-ID: CWE-401
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
Linux kernel
Linux kernel
Software vendor:
Linux Foundation
Linux Foundation
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the snic_tgt_create() function in drivers/scsi/snic/snic_disc.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's repository.
External links
- https://git.kernel.org/stable/c/41320b18a0e0dfb236dba4edb9be12dba1878156
- https://git.kernel.org/stable/c/461f8ac666fa232afee5ed6420099913ec4e4ba2
- https://git.kernel.org/stable/c/58889d5ad74cbc1c9595db74e13522b58b69b0ec
- https://git.kernel.org/stable/c/7723a5d5d187626c4c640842e522cf4e9e39492e
- https://git.kernel.org/stable/c/789275f7c0544374d40bc8d9c81f96751a41df45
- https://git.kernel.org/stable/c/cea09922f5f75652d55b481ee34011fc7f19868b
- https://git.kernel.org/stable/c/ed0acb1ee2e9322b96611635a9ca9303d15ac76c
- https://git.kernel.org/stable/c/f830968d464f55e11bc9260a132fc77daa266aa3
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.292