Vulnerability-Lookup

BDU:2026-01236

Vulnerability from fstec - Published: 13.07.2023

Title

Description

Уязвимость функции drm_client_target_cloned() модуля drivers/gpu/drm/drm_client_modeset.c драйвера инфраструктуры прямого рендеринга (DRI) ядра операционной системы Linux связана с неправильным освобождением памяти («утечка памяти»). Эксплуатация уязвимости может позволить нарушителю вызвать отказ в обслуживании

Severity ?


                    
                      AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Vendor

Red Hat Inc., Сообщество свободного программного обеспечения

Software Name

Red Hat Enterprise Linux, Debian GNU/Linux, Linux

Software Version

8 (Red Hat Enterprise Linux), 11 (Debian GNU/Linux), 12 (Debian GNU/Linux), 9 (Red Hat Enterprise Linux), от 5.5 до 5.10.187 включительно (Linux), от 5.11 до 5.15.122 включительно (Linux), от 5.16 до 6.1.41 включительно (Linux), от 6.2 до 6.4.6 включительно (Linux), от 4.15 до 4.19.290 включительно (Linux), от 4.20 до 5.4.250 включительно (Linux), от 2.6.35 до 4.14.321 включительно (Linux)

Possible Mitigations

В условиях отсутствия обновлений безопасности от производителя рекомендуется придерживаться "Рекомендаций по безопасной настройке операционных систем LINUX", изложенных в методическом документе ФСТЭК России, утверждённом 25 декабря 2022 года. Использование рекомендаций: Для Linux: https://lore.kernel.org/linux-cve-announce/2025122407-CVE-2023-54091-577a@gregkh/ https://git.kernel.org/stable/c/d3009700f48602b557eade1f22c98b6bc20247e8 https://git.kernel.org/stable/c/a4b978249e8fa94956fce8b70a709f7797716f62 https://git.kernel.org/stable/c/52daf6ba2e0d201640cb1ce42049c5c4426b4d6e https://git.kernel.org/stable/c/105275879a80503686a8108af2f5c579a1c5aef4 https://git.kernel.org/stable/c/a85e23a1ef63e45a18f0a30d7816fcb4a865ca95 https://git.kernel.org/stable/c/b5359d7a5087ac398fc429da6833133b4784c268 https://git.kernel.org/stable/c/4b596a6e2d2e0f9c14e4122506dd715f43fcd727 https://git.kernel.org/stable/c/c2a88e8bdf5f6239948d75283d0ae7e0c7945b03 https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.322 https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.291 https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.251 https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.188 https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.123 https://kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.42 https://kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.4.7 Для Debian GNU/Linux: https://security-tracker.debian.org/tracker/CVE-2023-54091 Для продуктов Red Hat Inc.: https://access.redhat.com/security/cve/cve-2023-54091

Reference

https://www.cve.org/CVERecord?id=CVE-2023-54091 https://git.kernel.org/stable/c/d3009700f48602b557eade1f22c98b6bc20247e8 https://git.kernel.org/stable/c/a4b978249e8fa94956fce8b70a709f7797716f62 https://git.kernel.org/stable/c/52daf6ba2e0d201640cb1ce42049c5c4426b4d6e https://git.kernel.org/stable/c/105275879a80503686a8108af2f5c579a1c5aef4 https://git.kernel.org/stable/c/a85e23a1ef63e45a18f0a30d7816fcb4a865ca95 https://git.kernel.org/stable/c/b5359d7a5087ac398fc429da6833133b4784c268 https://git.kernel.org/stable/c/4b596a6e2d2e0f9c14e4122506dd715f43fcd727 https://git.kernel.org/stable/c/c2a88e8bdf5f6239948d75283d0ae7e0c7945b03 https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.322 https://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.291 https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.251 https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.188 https://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.123 https://kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.42 https://kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.4.7 https://lore.kernel.org/linux-cve-announce/2025122407-CVE-2023-54091-577a@gregkh/ https://security-tracker.debian.org/tracker/CVE-2023-54091 https://access.redhat.com/security/cve/cve-2023-54091

CWE

CWE-401

JSON

To clipboard

{
  "CVSS 2.0": "AV:L/AC:L/Au:S/C:N/I:N/A:C",
  "CVSS 3.0": "AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Red Hat Inc., \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "8 (Red Hat Enterprise Linux), 11 (Debian GNU/Linux), 12 (Debian GNU/Linux), 9 (Red Hat Enterprise Linux), \u043e\u0442 5.5 \u0434\u043e 5.10.187 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u043e\u0442 5.11 \u0434\u043e 5.15.122 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u043e\u0442 5.16 \u0434\u043e 6.1.41 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u043e\u0442 6.2 \u0434\u043e 6.4.6 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u043e\u0442 4.15 \u0434\u043e 4.19.290 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u043e\u0442 4.20 \u0434\u043e 5.4.250 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux), \u043e\u0442 2.6.35 \u0434\u043e 4.14.321 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0412 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u044f \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043e\u0442 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043f\u0440\u0438\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0442\u044c\u0441\u044f \"\u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0439 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0435 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c LINUX\", \u0438\u0437\u043b\u043e\u0436\u0435\u043d\u043d\u044b\u0445 \u0432 \u043c\u0435\u0442\u043e\u0434\u0438\u0447\u0435\u0441\u043a\u043e\u043c \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0435 \u0424\u0421\u0422\u042d\u041a \u0420\u043e\u0441\u0441\u0438\u0438, \u0443\u0442\u0432\u0435\u0440\u0436\u0434\u0451\u043d\u043d\u043e\u043c 25 \u0434\u0435\u043a\u0430\u0431\u0440\u044f 2022 \u0433\u043e\u0434\u0430.\n\n\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\n\u0414\u043b\u044f Linux:\nhttps://lore.kernel.org/linux-cve-announce/2025122407-CVE-2023-54091-577a@gregkh/\nhttps://git.kernel.org/stable/c/d3009700f48602b557eade1f22c98b6bc20247e8\nhttps://git.kernel.org/stable/c/a4b978249e8fa94956fce8b70a709f7797716f62\nhttps://git.kernel.org/stable/c/52daf6ba2e0d201640cb1ce42049c5c4426b4d6e\nhttps://git.kernel.org/stable/c/105275879a80503686a8108af2f5c579a1c5aef4\nhttps://git.kernel.org/stable/c/a85e23a1ef63e45a18f0a30d7816fcb4a865ca95\nhttps://git.kernel.org/stable/c/b5359d7a5087ac398fc429da6833133b4784c268\nhttps://git.kernel.org/stable/c/4b596a6e2d2e0f9c14e4122506dd715f43fcd727\nhttps://git.kernel.org/stable/c/c2a88e8bdf5f6239948d75283d0ae7e0c7945b03\nhttps://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.322\nhttps://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.291\nhttps://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.251\nhttps://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.188\nhttps://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.123\nhttps://kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.42\nhttps://kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.4.7\n\n\u0414\u043b\u044f Debian GNU/Linux:\nhttps://security-tracker.debian.org/tracker/CVE-2023-54091\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Red Hat Inc.:\nhttps://access.redhat.com/security/cve/cve-2023-54091",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "13.07.2023",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "05.02.2026",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "05.02.2026",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2026-01236",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2023-54091",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Red Hat Enterprise Linux, Debian GNU/Linux, Linux",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "Red Hat Inc. Red Hat Enterprise Linux 8 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 11 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 12 , Red Hat Inc. Red Hat Enterprise Linux 9 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 5.5 \u0434\u043e 5.10.187 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 5.11 \u0434\u043e 5.15.122 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 5.16 \u0434\u043e 6.1.41 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 6.2 \u0434\u043e 6.4.6 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 4.15 \u0434\u043e 4.19.290 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 4.20 \u0434\u043e 5.4.250 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 2.6.35 \u0434\u043e 4.14.321 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e ",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 drm_client_target_cloned() \u043c\u043e\u0434\u0443\u043b\u044f drivers/gpu/drm/drm_client_modeset.c \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0430 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b \u043f\u0440\u044f\u043c\u043e\u0433\u043e \u0440\u0435\u043d\u0434\u0435\u0440\u0438\u043d\u0433\u0430 (DRI) \u044f\u0434\u0440\u0430 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Linux, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0435 \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u0435 \u043f\u0430\u043c\u044f\u0442\u0438 \u043f\u0435\u0440\u0435\u0434 \u0443\u0434\u0430\u043b\u0435\u043d\u0438\u0435\u043c \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0439 \u0441\u0441\u044b\u043b\u043a\u0438 (\u00ab\u0443\u0442\u0435\u0447\u043a\u0430 \u043f\u0430\u043c\u044f\u0442\u0438\u00bb) (CWE-401)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 drm_client_target_cloned() \u043c\u043e\u0434\u0443\u043b\u044f drivers/gpu/drm/drm_client_modeset.c \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0430 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b \u043f\u0440\u044f\u043c\u043e\u0433\u043e \u0440\u0435\u043d\u0434\u0435\u0440\u0438\u043d\u0433\u0430 (DRI) \u044f\u0434\u0440\u0430 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Linux \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u044b\u043c \u043e\u0441\u0432\u043e\u0431\u043e\u0436\u0434\u0435\u043d\u0438\u0435\u043c \u043f\u0430\u043c\u044f\u0442\u0438 (\u00ab\u0443\u0442\u0435\u0447\u043a\u0430 \u043f\u0430\u043c\u044f\u0442\u0438\u00bb). \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u0418\u0441\u0447\u0435\u0440\u043f\u0430\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://www.cve.org/CVERecord?id=CVE-2023-54091\nhttps://git.kernel.org/stable/c/d3009700f48602b557eade1f22c98b6bc20247e8\nhttps://git.kernel.org/stable/c/a4b978249e8fa94956fce8b70a709f7797716f62\nhttps://git.kernel.org/stable/c/52daf6ba2e0d201640cb1ce42049c5c4426b4d6e\nhttps://git.kernel.org/stable/c/105275879a80503686a8108af2f5c579a1c5aef4\nhttps://git.kernel.org/stable/c/a85e23a1ef63e45a18f0a30d7816fcb4a865ca95\nhttps://git.kernel.org/stable/c/b5359d7a5087ac398fc429da6833133b4784c268\nhttps://git.kernel.org/stable/c/4b596a6e2d2e0f9c14e4122506dd715f43fcd727\nhttps://git.kernel.org/stable/c/c2a88e8bdf5f6239948d75283d0ae7e0c7945b03\nhttps://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.322\nhttps://kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.291\nhttps://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.251\nhttps://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.188\nhttps://kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.123\nhttps://kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.42\nhttps://kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.4.7\nhttps://lore.kernel.org/linux-cve-announce/2025122407-CVE-2023-54091-577a@gregkh/\nhttps://security-tracker.debian.org/tracker/CVE-2023-54091\nhttps://access.redhat.com/security/cve/cve-2023-54091",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-401",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 4,6)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.1 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 5,5)"
}

CVE-2023-54091 (GCVE-0-2023-54091)

Vulnerability from cvelistv5 – Published: 2025-12-24 13:06 – Updated: 2025-12-24 13:06

Title

drm/client: Fix memory leak in drm_client_target_cloned

Summary

In the Linux kernel, the following vulnerability has been resolved: drm/client: Fix memory leak in drm_client_target_cloned dmt_mode is allocated and never freed in this function. It was found with the ast driver, but most drivers using generic fbdev setup are probably affected. This fixes the following kmemleak report: backtrace: [<00000000b391296d>] drm_mode_duplicate+0x45/0x220 [drm] [<00000000e45bb5b3>] drm_client_target_cloned.constprop.0+0x27b/0x480 [drm] [<00000000ed2d3a37>] drm_client_modeset_probe+0x6bd/0xf50 [drm] [<0000000010e5cc9d>] __drm_fb_helper_initial_config_and_unlock+0xb4/0x2c0 [drm_kms_helper] [<00000000909f82ca>] drm_fbdev_client_hotplug+0x2bc/0x4d0 [drm_kms_helper] [<00000000063a69aa>] drm_client_register+0x169/0x240 [drm] [<00000000a8c61525>] ast_pci_probe+0x142/0x190 [ast] [<00000000987f19bb>] local_pci_probe+0xdc/0x180 [<000000004fca231b>] work_for_cpu_fn+0x4e/0xa0 [<0000000000b85301>] process_one_work+0x8b7/0x1540 [<000000003375b17c>] worker_thread+0x70a/0xed0 [<00000000b0d43cd9>] kthread+0x29f/0x340 [<000000008d770833>] ret_from_fork+0x1f/0x30 unreferenced object 0xff11000333089a00 (size 128):

Severity ?

No CVSS data available.

Assigner

Linux

References

URL

Tags

	https://git.kernel.org/stable/c/d3009700f48602b55…
	https://git.kernel.org/stable/c/a4b978249e8fa9495…
	https://git.kernel.org/stable/c/52daf6ba2e0d20164…
	https://git.kernel.org/stable/c/105275879a8050368…
	https://git.kernel.org/stable/c/a85e23a1ef63e45a1…
	https://git.kernel.org/stable/c/b5359d7a5087ac398…
	https://git.kernel.org/stable/c/4b596a6e2d2e0f9c1…
	https://git.kernel.org/stable/c/c2a88e8bdf5f62399…

Impacted products

Vendor

Product

Version

Linux

Affected: 1d42bbc8f7f9ce4d852692ef7aa336b133b0830a , < d3009700f48602b557eade1f22c98b6bc20247e8 (git)
Affected: 1d42bbc8f7f9ce4d852692ef7aa336b133b0830a , < a4b978249e8fa94956fce8b70a709f7797716f62 (git)
Affected: 1d42bbc8f7f9ce4d852692ef7aa336b133b0830a , < 52daf6ba2e0d201640cb1ce42049c5c4426b4d6e (git)
Affected: 1d42bbc8f7f9ce4d852692ef7aa336b133b0830a , < 105275879a80503686a8108af2f5c579a1c5aef4 (git)
Affected: 1d42bbc8f7f9ce4d852692ef7aa336b133b0830a , < a85e23a1ef63e45a18f0a30d7816fcb4a865ca95 (git)
Affected: 1d42bbc8f7f9ce4d852692ef7aa336b133b0830a , < b5359d7a5087ac398fc429da6833133b4784c268 (git)
Affected: 1d42bbc8f7f9ce4d852692ef7aa336b133b0830a , < 4b596a6e2d2e0f9c14e4122506dd715f43fcd727 (git)
Affected: 1d42bbc8f7f9ce4d852692ef7aa336b133b0830a , < c2a88e8bdf5f6239948d75283d0ae7e0c7945b03 (git)

Linux

Affected: 2.6.35
Unaffected: 0 , < 2.6.35 (semver)
Unaffected: 4.14.322 , ≤ 4.14.* (semver)
Unaffected: 4.19.291 , ≤ 4.19.* (semver)
Unaffected: 5.4.251 , ≤ 5.4.* (semver)
Unaffected: 5.10.188 , ≤ 5.10.* (semver)
Unaffected: 5.15.123 , ≤ 5.15.* (semver)
Unaffected: 6.1.42 , ≤ 6.1.* (semver)
Unaffected: 6.4.7 , ≤ 6.4.* (semver)
Unaffected: 6.5 , ≤ * (original_commit_for_fix)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/drm_client_modeset.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "d3009700f48602b557eade1f22c98b6bc20247e8",
              "status": "affected",
              "version": "1d42bbc8f7f9ce4d852692ef7aa336b133b0830a",
              "versionType": "git"
            },
            {
              "lessThan": "a4b978249e8fa94956fce8b70a709f7797716f62",
              "status": "affected",
              "version": "1d42bbc8f7f9ce4d852692ef7aa336b133b0830a",
              "versionType": "git"
            },
            {
              "lessThan": "52daf6ba2e0d201640cb1ce42049c5c4426b4d6e",
              "status": "affected",
              "version": "1d42bbc8f7f9ce4d852692ef7aa336b133b0830a",
              "versionType": "git"
            },
            {
              "lessThan": "105275879a80503686a8108af2f5c579a1c5aef4",
              "status": "affected",
              "version": "1d42bbc8f7f9ce4d852692ef7aa336b133b0830a",
              "versionType": "git"
            },
            {
              "lessThan": "a85e23a1ef63e45a18f0a30d7816fcb4a865ca95",
              "status": "affected",
              "version": "1d42bbc8f7f9ce4d852692ef7aa336b133b0830a",
              "versionType": "git"
            },
            {
              "lessThan": "b5359d7a5087ac398fc429da6833133b4784c268",
              "status": "affected",
              "version": "1d42bbc8f7f9ce4d852692ef7aa336b133b0830a",
              "versionType": "git"
            },
            {
              "lessThan": "4b596a6e2d2e0f9c14e4122506dd715f43fcd727",
              "status": "affected",
              "version": "1d42bbc8f7f9ce4d852692ef7aa336b133b0830a",
              "versionType": "git"
            },
            {
              "lessThan": "c2a88e8bdf5f6239948d75283d0ae7e0c7945b03",
              "status": "affected",
              "version": "1d42bbc8f7f9ce4d852692ef7aa336b133b0830a",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/gpu/drm/drm_client_modeset.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "2.6.35"
            },
            {
              "lessThan": "2.6.35",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.322",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.291",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.251",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.188",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.123",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.42",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.4.*",
              "status": "unaffected",
              "version": "6.4.7",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.5",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.14.322",
                  "versionStartIncluding": "2.6.35",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.19.291",
                  "versionStartIncluding": "2.6.35",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.4.251",
                  "versionStartIncluding": "2.6.35",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.188",
                  "versionStartIncluding": "2.6.35",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.123",
                  "versionStartIncluding": "2.6.35",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.42",
                  "versionStartIncluding": "2.6.35",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.4.7",
                  "versionStartIncluding": "2.6.35",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.5",
                  "versionStartIncluding": "2.6.35",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/client: Fix memory leak in drm_client_target_cloned\n\ndmt_mode is allocated and never freed in this function.\nIt was found with the ast driver, but most drivers using generic fbdev\nsetup are probably affected.\n\nThis fixes the following kmemleak report:\n  backtrace:\n    [\u003c00000000b391296d\u003e] drm_mode_duplicate+0x45/0x220 [drm]\n    [\u003c00000000e45bb5b3\u003e] drm_client_target_cloned.constprop.0+0x27b/0x480 [drm]\n    [\u003c00000000ed2d3a37\u003e] drm_client_modeset_probe+0x6bd/0xf50 [drm]\n    [\u003c0000000010e5cc9d\u003e] __drm_fb_helper_initial_config_and_unlock+0xb4/0x2c0 [drm_kms_helper]\n    [\u003c00000000909f82ca\u003e] drm_fbdev_client_hotplug+0x2bc/0x4d0 [drm_kms_helper]\n    [\u003c00000000063a69aa\u003e] drm_client_register+0x169/0x240 [drm]\n    [\u003c00000000a8c61525\u003e] ast_pci_probe+0x142/0x190 [ast]\n    [\u003c00000000987f19bb\u003e] local_pci_probe+0xdc/0x180\n    [\u003c000000004fca231b\u003e] work_for_cpu_fn+0x4e/0xa0\n    [\u003c0000000000b85301\u003e] process_one_work+0x8b7/0x1540\n    [\u003c000000003375b17c\u003e] worker_thread+0x70a/0xed0\n    [\u003c00000000b0d43cd9\u003e] kthread+0x29f/0x340\n    [\u003c000000008d770833\u003e] ret_from_fork+0x1f/0x30\nunreferenced object 0xff11000333089a00 (size 128):"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-24T13:06:20.376Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/d3009700f48602b557eade1f22c98b6bc20247e8"
        },
        {
          "url": "https://git.kernel.org/stable/c/a4b978249e8fa94956fce8b70a709f7797716f62"
        },
        {
          "url": "https://git.kernel.org/stable/c/52daf6ba2e0d201640cb1ce42049c5c4426b4d6e"
        },
        {
          "url": "https://git.kernel.org/stable/c/105275879a80503686a8108af2f5c579a1c5aef4"
        },
        {
          "url": "https://git.kernel.org/stable/c/a85e23a1ef63e45a18f0a30d7816fcb4a865ca95"
        },
        {
          "url": "https://git.kernel.org/stable/c/b5359d7a5087ac398fc429da6833133b4784c268"
        },
        {
          "url": "https://git.kernel.org/stable/c/4b596a6e2d2e0f9c14e4122506dd715f43fcd727"
        },
        {
          "url": "https://git.kernel.org/stable/c/c2a88e8bdf5f6239948d75283d0ae7e0c7945b03"
        }
      ],
      "title": "drm/client: Fix memory leak in drm_client_target_cloned",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-54091",
    "datePublished": "2025-12-24T13:06:20.376Z",
    "dateReserved": "2025-12-24T13:02:52.516Z",
    "dateUpdated": "2025-12-24T13:06:20.376Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

BDU:2026-01236

CVE-2023-54091 (GCVE-0-2023-54091)

Tags

Sightings

Nomenclature