🛡️ UBUNTU-CVE-2023-53136
⚪ Unknown ✅ No Known Exploit OSV
N/A
CVSS Score
0 Low4 Medium7 High9 Critical10

Description

In the Linux kernel, the following vulnerability has been resolved: af_unix: fix struct pid leaks in OOB support syzbot reported struct pid leak [1]. Issue is that queue_oob() calls maybe_add_creds() which potentially holds a reference on a pid. But skb->destructor is not set (either directly or by calling unix_scm_to_skb()) This means that subsequent kfree_skb() or consume_skb() would leak this reference. In this fix, I chose to fully support scm even for the OOB message. [1] BUG: memory leak unreferenced object 0xffff8881053e7f80 (size 128): comm "syz-executor242", pid 5066, jiffies 4294946079 (age 13.220s) hex dump (first 32 bytes): 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [] alloc_pid+0x6a/0x560 kernel/pid.c:180 [] copy_process+0x169f/0x26c0 kernel/fork.c:2285 [] kernel_clone+0xf7/0x610 kernel/fork.c:2684 [] __do_sys_clone+0x7c/0xb0 kernel/fork.c:2825 [] do_syscall_x64 arch/x86/entry/common.c:50 [inline] [] do_syscall_64+0x39/0xb0 arch/x86/entry/common.c:80 [] entry_SYSCALL_64_after_hwframe+0x63/0xcd

Details

Severity Unknown
CVSS Score N/A
CVSS Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
CWE N/A
Public Exploit ✅ No
Source OSV
Published 2025-05-02
Updated 2026-06-15
Modified 2026-06-08
Fix URL N/A

Affected Packages

Software From version Fixed in
linux 5.15.0-79.86
linux-allwinner-5.19
linux-aws 5.15.0-1042.47
linux-aws-5.0
linux-aws-5.11
linux-aws-5.13
linux-aws-5.15 5.15.0-1041.46~20.04.1
linux-aws-5.19
linux-aws-5.3
linux-aws-5.8
linux-aws-6.2
linux-aws-6.5
linux-azure 5.15.0-1045.52
linux-azure-5.11
linux-azure-5.13
linux-azure-5.15 5.15.0-1045.52~20.04.1
linux-azure-5.19
linux-azure-5.3
linux-azure-5.8
linux-azure-6.2
linux-azure-6.5
linux-azure-edge
linux-azure-fde
linux-azure-fde-5.19
linux-azure-fde-6.2
linux-bluefield
linux-fips
linux-gcp 5.15.0-1039.47
linux-gcp-5.11
linux-gcp-5.13
linux-gcp-5.15 5.15.0-1039.47~20.04.1
linux-gcp-5.19
linux-gcp-5.3
linux-gcp-5.8
linux-gcp-6.2
linux-gcp-6.5
linux-gke 5.15.0-1039.44
linux-gke-4.15
linux-gke-5.15
linux-gke-5.4
linux-gkeop 5.15.0-1025.30
linux-gkeop-5.15
linux-gkeop-5.4
linux-hwe
linux-hwe-5.11
linux-hwe-5.13
linux-hwe-5.15 5.15.0-79.86~20.04.2
linux-hwe-5.19
linux-hwe-5.8
linux-hwe-6.2
linux-hwe-6.5
linux-hwe-edge
linux-ibm 5.15.0-1035.38
linux-ibm-5.15 5.15.0-1036.39~20.04.1
linux-intel-5.13
linux-intel-iot-realtime 5.15.0-1036.38
linux-intel-iotg 5.15.0-1037.42
linux-intel-iotg-5.15 5.15.0-1037.42~20.04.1
linux-kvm 5.15.0-1039.44
linux-lowlatency 5.15.0-79.88
linux-lowlatency-hwe-5.15 5.15.0-79.88~20.04.1
linux-lowlatency-hwe-5.19
linux-lowlatency-hwe-6.2
linux-lowlatency-hwe-6.5
linux-nvidia 5.15.0-1030.30
linux-nvidia-6.2
linux-nvidia-6.5
linux-nvidia-tegra 5.15.0-1016.16
linux-nvidia-tegra-5.15 5.15.0-1016.16~20.04.1
linux-nvidia-tegra-igx 5.15.0-1002.2
linux-oem
linux-oem-5.10
linux-oem-5.13
linux-oem-5.14
linux-oem-5.17
linux-oem-5.6
linux-oem-6.0
linux-oem-6.1
linux-oem-6.5
linux-oracle 5.15.0-1040.46
linux-oracle-5.0
linux-oracle-5.11
linux-oracle-5.13
linux-oracle-5.15 5.15.0-1040.46~20.04.1
linux-oracle-5.3
linux-oracle-5.8
linux-oracle-6.5
linux-raspi 5.15.0-1035.38
linux-raspi-realtime
linux-raspi2
linux-realtime
linux-riscv
linux-riscv-5.11
linux-riscv-5.15 5.15.0-1038.42~20.04.2
linux-riscv-5.19
linux-riscv-5.8
linux-riscv-6.5
linux-starfive-5.19
linux-starfive-6.2
linux-starfive-6.5
linux-xilinx-zynqmp 5.15.0-1025.29

Similar Threats

Exploit Protection

Help block exploit attempts

BotEraser is designed to detect and help reduce malicious bot traffic that may target known vulnerabilities on your site.

Try BotEraser Free →

No credit card required  ·  Results in minutes

ⓘ Data Notice: The information presented above has been compiled from publicly available internet sources. Boteraser aggregates this data solely for informational purposes and does not independently classify, evaluate, or endorse any findings about the vulnerabilities listed. The accuracy and completeness of this information is the sole responsibility of the original publishers. Boteraser and its operators accept no liability for any decisions made based on this data.