#VU120287 Memory leak in Linux kernel - CVE-2023-54123
Published: December 26, 2025 / Updated: December 31, 2025
Vulnerability identifier: #VU120287
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2023-54123
CWE-ID: CWE-401
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
Linux kernel
Linux kernel
Software vendor:
Linux Foundation
Linux Foundation
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the setup_geo(), setup_conf() and raid10_run() functions in drivers/md/raid10.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's repository.
External links
- https://git.kernel.org/stable/c/133008af833b4f2e021d2c294c29c70364a3f0ba
- https://git.kernel.org/stable/c/5cba3e26c073b535e4e3b825ea481fb29c53943b
- https://git.kernel.org/stable/c/6361b0592b46c465ac926c1f3105d66c30d9658b
- https://git.kernel.org/stable/c/7f673fa34c0e3f95ee951a1bbf61791164871d2e
- https://git.kernel.org/stable/c/b21019a220d9cac08819bb6c63000de9ee61eb9e
- https://git.kernel.org/stable/c/b6460f68c1cc95a80d089af402be501619f228e4
- https://git.kernel.org/stable/c/c9ac2acde53f5385de185bccf6aaa91cf9ac1541
- https://git.kernel.org/stable/c/e2fec8d95353a48634b085011626ba3ec8ab8b1c
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.2