Vulnerability-Lookup

BDU:2026-01245

Vulnerability from fstec - Published: 20.06.2023

Title

Уязвимость функции ssif_info_find() модуля drivers/char/ipmi/ipmi_ssif.c драйвера алфавитноцифровых устройств ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании

Description

Уязвимость функции ssif_info_find() модуля drivers/char/ipmi/ipmi_ssif.c драйвера алфавитноцифровых устройств ядра операционной системы Linux связана с неправильным освобождением памяти («утечка памяти»). Эксплуатация уязвимости может позволить нарушителю вызвать отказ в обслуживании

Severity ?


                    
                      AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Vendor

Red Hat Inc., Сообщество свободного программного обеспечения

Software Name

Red Hat Enterprise Linux, Debian GNU/Linux, Linux

Software Version

8 (Red Hat Enterprise Linux), 11 (Debian GNU/Linux), 12 (Debian GNU/Linux), 9 (Red Hat Enterprise Linux), от 6.2 до 6.4.15 включительно (Linux), от 5.11 до 5.15.131 включительно (Linux), от 5.16 до 6.1.52 включительно (Linux), от 5.5 до 5.10.194 включительно (Linux), от 6.5 до 6.5.2 включительно (Linux), от 5.4 до 5.4.256 включительно (Linux)

Possible Mitigations

В условиях отсутствия обновлений безопасности от производителя рекомендуется придерживаться "Рекомендаций по безопасной настройке операционных систем LINUX", изложенных в методическом документе ФСТЭК России, утверждённом 25 декабря 2022 года. Использование рекомендаций: Для Linux: https://lore.kernel.org/linux-cve-announce/2025122429-CVE-2023-54064-7509@gregkh/ https://git.kernel.org/stable/c/de677f4379fa67f650e367c188a0f80bee9b6732 https://git.kernel.org/stable/c/13623b966bb6d36ba61646b69cd49cdac6e4978a https://git.kernel.org/stable/c/3ad53071fe8547eb8d8813971844cc43246008ee https://git.kernel.org/stable/c/74a1194cce60a90723d0fe148863c18931a31153 https://git.kernel.org/stable/c/7db16d2e791bf2ec3e0249f56b7ec81c35bba6e6 https://git.kernel.org/stable/c/b870caeb18041f856893066ded81c560db3d56cc https://git.kernel.org/stable/c/b8d72e32e1453d37ee5c8a219f24e7eeadc471ef https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.257 https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.195 https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.132 https://kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.53 https://kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.4.16 https://kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.5.3 Для Debian GNU/Linux: https://security-tracker.debian.org/tracker/CVE-2023-54064 Для продуктов Red Hat Inc.: https://access.redhat.com/security/cve/cve-2023-54064

Reference

https://www.cve.org/CVERecord?id=CVE-2023-54064 https://git.kernel.org/stable/c/de677f4379fa67f650e367c188a0f80bee9b6732 https://git.kernel.org/stable/c/13623b966bb6d36ba61646b69cd49cdac6e4978a https://git.kernel.org/stable/c/3ad53071fe8547eb8d8813971844cc43246008ee https://git.kernel.org/stable/c/74a1194cce60a90723d0fe148863c18931a31153 https://git.kernel.org/stable/c/7db16d2e791bf2ec3e0249f56b7ec81c35bba6e6 https://git.kernel.org/stable/c/b870caeb18041f856893066ded81c560db3d56cc https://git.kernel.org/stable/c/b8d72e32e1453d37ee5c8a219f24e7eeadc471ef https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.257 https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.195 https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.132 https://kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.53 https://kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.4.16 https://kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.5.3 https://lore.kernel.org/linux-cve-announce/2025122429-CVE-2023-54064-7509@gregkh/ https://security-tracker.debian.org/tracker/CVE-2023-54064 https://access.redhat.com/security/cve/cve-2023-54064

CWE

CWE-401, CWE-404

JSON

To clipboard

{
  "CVSS 2.0": "AV:L/AC:L/Au:S/C:N/I:N/A:C",
  "CVSS 3.0": "AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Red Hat Inc., \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "8 (Red Hat Enterprise Linux), 11 (Debian GNU/Linux), 12 (Debian GNU/Linux), 9 (Red Hat Enterprise Linux), \u043e\u0442 6.2 \u0434\u043e 6.4.15 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u043e\u0442 5.11 \u0434\u043e 5.15.131 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u043e\u0442 5.16 \u0434\u043e 6.1.52 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u043e\u0442 5.5 \u0434\u043e 5.10.194 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u043e\u0442 6.5 \u0434\u043e 6.5.2 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u043e\u0442 5.4 \u0434\u043e 5.4.256 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0412 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u044f \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043e\u0442 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043f\u0440\u0438\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0442\u044c\u0441\u044f \"\u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0439 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0435 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c LINUX\", \u0438\u0437\u043b\u043e\u0436\u0435\u043d\u043d\u044b\u0445 \u0432 \u043c\u0435\u0442\u043e\u0434\u0438\u0447\u0435\u0441\u043a\u043e\u043c \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0435 \u0424\u0421\u0422\u042d\u041a \u0420\u043e\u0441\u0441\u0438\u0438, \u0443\u0442\u0432\u0435\u0440\u0436\u0434\u0451\u043d\u043d\u043e\u043c 25 \u0434\u0435\u043a\u0430\u0431\u0440\u044f 2022 \u0433\u043e\u0434\u0430.\n\n\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\n\u0414\u043b\u044f Linux:\nhttps://lore.kernel.org/linux-cve-announce/2025122429-CVE-2023-54064-7509@gregkh/\nhttps://git.kernel.org/stable/c/de677f4379fa67f650e367c188a0f80bee9b6732\nhttps://git.kernel.org/stable/c/13623b966bb6d36ba61646b69cd49cdac6e4978a\nhttps://git.kernel.org/stable/c/3ad53071fe8547eb8d8813971844cc43246008ee\nhttps://git.kernel.org/stable/c/74a1194cce60a90723d0fe148863c18931a31153\nhttps://git.kernel.org/stable/c/7db16d2e791bf2ec3e0249f56b7ec81c35bba6e6\nhttps://git.kernel.org/stable/c/b870caeb18041f856893066ded81c560db3d56cc\nhttps://git.kernel.org/stable/c/b8d72e32e1453d37ee5c8a219f24e7eeadc471ef\nhttps://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.257\nhttps://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.195\nhttps://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.132\nhttps://kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.53\nhttps://kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.4.16\nhttps://kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.5.3\n\n\u0414\u043b\u044f Debian GNU/Linux:\nhttps://security-tracker.debian.org/tracker/CVE-2023-54064\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Red Hat Inc.:\nhttps://access.redhat.com/security/cve/cve-2023-54064",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "20.06.2023",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "05.02.2026",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "05.02.2026",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2026-01245",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2023-54064",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Red Hat Enterprise Linux, Debian GNU/Linux, Linux",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "Red Hat Inc. Red Hat Enterprise Linux 8 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 11 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 12 , Red Hat Inc. Red Hat Enterprise Linux 9 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 6.2 \u0434\u043e 6.4.15 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 5.11 \u0434\u043e 5.15.131 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 5.16 \u0434\u043e 6.1.52 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 5.5 \u0434\u043e 5.10.194 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 6.5 \u0434\u043e 6.5.2 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 5.4 \u0434\u043e 5.4.256 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e ",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 ssif_info_find() \u043c\u043e\u0434\u0443\u043b\u044f drivers/char/ipmi/ipmi_ssif.c \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0430 \u0430\u043b\u0444\u0430\u0432\u0438\u0442\u043d\u043e\u0446\u0438\u0444\u0440\u043e\u0432\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u044f\u0434\u0440\u0430 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Linux, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0435 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u0435 \u043f\u0430\u043c\u044f\u0442\u0438 \u043f\u0435\u0440\u0435\u0434 \u0443\u0434\u0430\u043b\u0435\u043d\u0438\u0435\u043c \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0439 \u0441\u0441\u044b\u043b\u043a\u0438 (\u00ab\u0443\u0442\u0435\u0447\u043a\u0430 \u043f\u0430\u043c\u044f\u0442\u0438\u00bb) (CWE-401), \u041d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u0430\u044f \u0437\u0430\u0447\u0438\u0441\u0442\u043a\u0430 \u0438\u043b\u0438 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432 (CWE-404)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 ssif_info_find() \u043c\u043e\u0434\u0443\u043b\u044f drivers/char/ipmi/ipmi_ssif.c \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0430 \u0430\u043b\u0444\u0430\u0432\u0438\u0442\u043d\u043e\u0446\u0438\u0444\u0440\u043e\u0432\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u044f\u0434\u0440\u0430 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Linux \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u044b\u043c \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u0435\u043c \u043f\u0430\u043c\u044f\u0442\u0438 (\u00ab\u0443\u0442\u0435\u0447\u043a\u0430 \u043f\u0430\u043c\u044f\u0442\u0438\u00bb). \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u0418\u0441\u0447\u0435\u0440\u043f\u0430\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://www.cve.org/CVERecord?id=CVE-2023-54064\nhttps://git.kernel.org/stable/c/de677f4379fa67f650e367c188a0f80bee9b6732\nhttps://git.kernel.org/stable/c/13623b966bb6d36ba61646b69cd49cdac6e4978a\nhttps://git.kernel.org/stable/c/3ad53071fe8547eb8d8813971844cc43246008ee\nhttps://git.kernel.org/stable/c/74a1194cce60a90723d0fe148863c18931a31153\nhttps://git.kernel.org/stable/c/7db16d2e791bf2ec3e0249f56b7ec81c35bba6e6\nhttps://git.kernel.org/stable/c/b870caeb18041f856893066ded81c560db3d56cc\nhttps://git.kernel.org/stable/c/b8d72e32e1453d37ee5c8a219f24e7eeadc471ef\nhttps://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.257\nhttps://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.195\nhttps://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.132\nhttps://kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.53\nhttps://kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.4.16\nhttps://kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.5.3\nhttps://lore.kernel.org/linux-cve-announce/2025122429-CVE-2023-54064-7509@gregkh/\nhttps://security-tracker.debian.org/tracker/CVE-2023-54064\nhttps://access.redhat.com/security/cve/cve-2023-54064",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-401, CWE-404",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 4,6)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.1 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 5,5)"
}

CVE-2023-54064 (GCVE-0-2023-54064)

Vulnerability from cvelistv5 – Published: 2025-12-24 12:23 – Updated: 2025-12-24 12:23

Title

ipmi:ssif: Fix a memory leak when scanning for an adapter

Summary

In the Linux kernel, the following vulnerability has been resolved: ipmi:ssif: Fix a memory leak when scanning for an adapter The adapter scan ssif_info_find() sets info->adapter_name if the adapter info came from SMBIOS, as it's not set in that case. However, this function can be called more than once, and it will leak the adapter name if it had already been set. So check for NULL before setting it.

Severity ?

No CVSS data available.

Assigner

Linux

References

URL

Tags

	https://git.kernel.org/stable/c/de677f4379fa67f65…
	https://git.kernel.org/stable/c/13623b966bb6d36ba…
	https://git.kernel.org/stable/c/3ad53071fe8547eb8…
	https://git.kernel.org/stable/c/74a1194cce60a9072…
	https://git.kernel.org/stable/c/7db16d2e791bf2ec3…
	https://git.kernel.org/stable/c/b870caeb18041f856…
	https://git.kernel.org/stable/c/b8d72e32e1453d37e…

Impacted products

Vendor

Product

Version

Linux

Affected: c4436c9149c5d2bc0c49ab57ec85c75ea1c4d61c , < de677f4379fa67f650e367c188a0f80bee9b6732 (git)
Affected: c4436c9149c5d2bc0c49ab57ec85c75ea1c4d61c , < 13623b966bb6d36ba61646b69cd49cdac6e4978a (git)
Affected: c4436c9149c5d2bc0c49ab57ec85c75ea1c4d61c , < 3ad53071fe8547eb8d8813971844cc43246008ee (git)
Affected: c4436c9149c5d2bc0c49ab57ec85c75ea1c4d61c , < 74a1194cce60a90723d0fe148863c18931a31153 (git)
Affected: c4436c9149c5d2bc0c49ab57ec85c75ea1c4d61c , < 7db16d2e791bf2ec3e0249f56b7ec81c35bba6e6 (git)
Affected: c4436c9149c5d2bc0c49ab57ec85c75ea1c4d61c , < b870caeb18041f856893066ded81c560db3d56cc (git)
Affected: c4436c9149c5d2bc0c49ab57ec85c75ea1c4d61c , < b8d72e32e1453d37ee5c8a219f24e7eeadc471ef (git)

Linux

Affected: 5.4
Unaffected: 0 , < 5.4 (semver)
Unaffected: 5.4.257 , ≤ 5.4.* (semver)
Unaffected: 5.10.195 , ≤ 5.10.* (semver)
Unaffected: 5.15.132 , ≤ 5.15.* (semver)
Unaffected: 6.1.53 , ≤ 6.1.* (semver)
Unaffected: 6.4.16 , ≤ 6.4.* (semver)
Unaffected: 6.5.3 , ≤ 6.5.* (semver)
Unaffected: 6.6 , ≤ * (original_commit_for_fix)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/char/ipmi/ipmi_ssif.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "de677f4379fa67f650e367c188a0f80bee9b6732",
              "status": "affected",
              "version": "c4436c9149c5d2bc0c49ab57ec85c75ea1c4d61c",
              "versionType": "git"
            },
            {
              "lessThan": "13623b966bb6d36ba61646b69cd49cdac6e4978a",
              "status": "affected",
              "version": "c4436c9149c5d2bc0c49ab57ec85c75ea1c4d61c",
              "versionType": "git"
            },
            {
              "lessThan": "3ad53071fe8547eb8d8813971844cc43246008ee",
              "status": "affected",
              "version": "c4436c9149c5d2bc0c49ab57ec85c75ea1c4d61c",
              "versionType": "git"
            },
            {
              "lessThan": "74a1194cce60a90723d0fe148863c18931a31153",
              "status": "affected",
              "version": "c4436c9149c5d2bc0c49ab57ec85c75ea1c4d61c",
              "versionType": "git"
            },
            {
              "lessThan": "7db16d2e791bf2ec3e0249f56b7ec81c35bba6e6",
              "status": "affected",
              "version": "c4436c9149c5d2bc0c49ab57ec85c75ea1c4d61c",
              "versionType": "git"
            },
            {
              "lessThan": "b870caeb18041f856893066ded81c560db3d56cc",
              "status": "affected",
              "version": "c4436c9149c5d2bc0c49ab57ec85c75ea1c4d61c",
              "versionType": "git"
            },
            {
              "lessThan": "b8d72e32e1453d37ee5c8a219f24e7eeadc471ef",
              "status": "affected",
              "version": "c4436c9149c5d2bc0c49ab57ec85c75ea1c4d61c",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/char/ipmi/ipmi_ssif.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.4"
            },
            {
              "lessThan": "5.4",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.257",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.195",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.132",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.53",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.4.*",
              "status": "unaffected",
              "version": "6.4.16",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.6",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.4.257",
                  "versionStartIncluding": "5.4",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.195",
                  "versionStartIncluding": "5.4",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.132",
                  "versionStartIncluding": "5.4",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.53",
                  "versionStartIncluding": "5.4",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.4.16",
                  "versionStartIncluding": "5.4",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.5.3",
                  "versionStartIncluding": "5.4",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6",
                  "versionStartIncluding": "5.4",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nipmi:ssif: Fix a memory leak when scanning for an adapter\n\nThe adapter scan ssif_info_find() sets info-\u003eadapter_name if the adapter\ninfo came from SMBIOS, as it\u0027s not set in that case.  However, this\nfunction can be called more than once, and it will leak the adapter name\nif it had already been set.  So check for NULL before setting it."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-24T12:23:10.051Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/de677f4379fa67f650e367c188a0f80bee9b6732"
        },
        {
          "url": "https://git.kernel.org/stable/c/13623b966bb6d36ba61646b69cd49cdac6e4978a"
        },
        {
          "url": "https://git.kernel.org/stable/c/3ad53071fe8547eb8d8813971844cc43246008ee"
        },
        {
          "url": "https://git.kernel.org/stable/c/74a1194cce60a90723d0fe148863c18931a31153"
        },
        {
          "url": "https://git.kernel.org/stable/c/7db16d2e791bf2ec3e0249f56b7ec81c35bba6e6"
        },
        {
          "url": "https://git.kernel.org/stable/c/b870caeb18041f856893066ded81c560db3d56cc"
        },
        {
          "url": "https://git.kernel.org/stable/c/b8d72e32e1453d37ee5c8a219f24e7eeadc471ef"
        }
      ],
      "title": "ipmi:ssif: Fix a memory leak when scanning for an adapter",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-54064",
    "datePublished": "2025-12-24T12:23:10.051Z",
    "dateReserved": "2025-12-24T12:21:05.092Z",
    "dateUpdated": "2025-12-24T12:23:10.051Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

BDU:2026-01245

CVE-2023-54064 (GCVE-0-2023-54064)

Tags

Sightings

Nomenclature