{"id":"CVE-2023-52653","summary":"SUNRPC: fix a memleak in gss_import_v2_context","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nSUNRPC: fix a memleak in gss_import_v2_context\n\nThe ctx-\u003emech_used.data allocated by kmemdup is not freed in neither\ngss_import_v2_context nor it only caller gss_krb5_import_sec_context,\nwhich frees ctx on error.\n\nThus, this patch reform the last call of gss_import_v2_context to the\ngss_krb5_import_ctx_v2, preventing the memleak while keepping the return\nformation.","modified":"2026-03-20T12:32:42.301025Z","published":"2024-05-01T13:04:02.055Z","related":["ALSA-2024:5101","ALSA-2024:5102","SUSE-SU-2024:1643-1","SUSE-SU-2024:1646-1","SUSE-SU-2024:1870-1","SUSE-SU-2024:1983-1","SUSE-SU-2024:2008-1","SUSE-SU-2024:2019-1","SUSE-SU-2024:2135-1","SUSE-SU-2024:2184-1","SUSE-SU-2024:2190-1","SUSE-SU-2024:2203-1","SUSE-SU-2024:2973-1","SUSE-SU-2025:0834-1","SUSE-SU-2025:20008-1","SUSE-SU-2025:20028-1","SUSE-SU-2025:20166-1","SUSE-SU-2025:20249-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/52xxx/CVE-2023-52653.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/47ac11db93e74ac49cd6c3fc69bcbc5964c4a8b4"},{"type":"WEB","url":"https://git.kernel.org/stable/c/99044c01ed5329e73651c054d8a4baacdbb1a27c"},{"type":"WEB","url":"https://git.kernel.org/stable/c/d111e30d9cd846bb368faf3637dc0f71fcbcf822"},{"type":"WEB","url":"https://git.kernel.org/stable/c/e67b652d8e8591d3b1e569dbcdfcee15993e91fa"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/52xxx/CVE-2023-52653.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-52653"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"47d84807762966c3611c38adecec6ea703ddda7a"},{"fixed":"99044c01ed5329e73651c054d8a4baacdbb1a27c"},{"fixed":"47ac11db93e74ac49cd6c3fc69bcbc5964c4a8b4"},{"fixed":"d111e30d9cd846bb368faf3637dc0f71fcbcf822"},{"fixed":"e67b652d8e8591d3b1e569dbcdfcee15993e91fa"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-52653.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}]}