{"id":"CVE-2023-53611","summary":"ipmi_si: fix a memleak in try_smi_init()","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nipmi_si: fix a memleak in try_smi_init()\n\nKmemleak reported the following leak info in try_smi_init():\n\nunreferenced object 0xffff00018ecf9400 (size 1024):\n  comm \"modprobe\", pid 2707763, jiffies 4300851415 (age 773.308s)\n  backtrace:\n    [\u003c000000004ca5b312\u003e] __kmalloc+0x4b8/0x7b0\n    [\u003c00000000953b1072\u003e] try_smi_init+0x148/0x5dc [ipmi_si]\n    [\u003c000000006460d325\u003e] 0xffff800081b10148\n    [\u003c0000000039206ea5\u003e] do_one_initcall+0x64/0x2a4\n    [\u003c00000000601399ce\u003e] do_init_module+0x50/0x300\n    [\u003c000000003c12ba3c\u003e] load_module+0x7a8/0x9e0\n    [\u003c00000000c246fffe\u003e] __se_sys_init_module+0x104/0x180\n    [\u003c00000000eea99093\u003e] __arm64_sys_init_module+0x24/0x30\n    [\u003c0000000021b1ef87\u003e] el0_svc_common.constprop.0+0x94/0x250\n    [\u003c0000000070f4f8b7\u003e] do_el0_svc+0x48/0xe0\n    [\u003c000000005a05337f\u003e] el0_svc+0x24/0x3c\n    [\u003c000000005eb248d6\u003e] el0_sync_handler+0x160/0x164\n    [\u003c0000000030a59039\u003e] el0_sync+0x160/0x180\n\nThe problem was that when an error occurred before handlers registration\nand after allocating `new_smi-\u003esi_sm`, the variable wouldn't be freed in\nthe error handling afterwards since `shutdown_smi()` hadn't been\nregistered yet. Fix it by adding a `kfree()` in the error handling path\nin `try_smi_init()`.","modified":"2026-03-20T12:33:15.512674Z","published":"2025-10-04T15:44:19.593Z","related":["SUSE-SU-2025:21040-1","SUSE-SU-2025:21052-1","SUSE-SU-2025:21056-1","SUSE-SU-2025:21064-1","SUSE-SU-2025:4057-1","SUSE-SU-2025:4111-1","SUSE-SU-2025:4128-1","SUSE-SU-2025:4132-1","SUSE-SU-2025:4139-1","SUSE-SU-2025:4140-1","SUSE-SU-2025:4141-1","SUSE-SU-2025:4149-1","SUSE-SU-2025:4189-1","SUSE-SU-2025:4301-1","SUSE-SU-2025:4320-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53611.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/09cb2a71b2e982015fe0464f28da1ab42b8e6375"},{"type":"WEB","url":"https://git.kernel.org/stable/c/1bfcfea0fae0d0a6c6ff5543e6d704b3807b83ce"},{"type":"WEB","url":"https://git.kernel.org/stable/c/5c5f02e16b919c8cb6024dc3778c8d8f1fb1f26b"},{"type":"WEB","url":"https://git.kernel.org/stable/c/6cf1a126de2992b4efe1c3c4d398f8de4aed6e3f"},{"type":"WEB","url":"https://git.kernel.org/stable/c/7291af9a738d936c2d6869d030711dceb68404d0"},{"type":"WEB","url":"https://git.kernel.org/stable/c/b9bc8fbb2d416ce87f0342478dc9fcfd79f2c65f"},{"type":"WEB","url":"https://git.kernel.org/stable/c/cbb7d8a4b4beb3061b3a1847a742983a01dca381"},{"type":"WEB","url":"https://git.kernel.org/stable/c/f53ab5a2bf20fed59a2f7542d3453228b8056358"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53611.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-53611"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"7960f18a56475bf2177c5ff56c72eb4c12c56440"},{"fixed":"b9bc8fbb2d416ce87f0342478dc9fcfd79f2c65f"},{"fixed":"f53ab5a2bf20fed59a2f7542d3453228b8056358"},{"fixed":"5c5f02e16b919c8cb6024dc3778c8d8f1fb1f26b"},{"fixed":"cbb7d8a4b4beb3061b3a1847a742983a01dca381"},{"fixed":"09cb2a71b2e982015fe0464f28da1ab42b8e6375"},{"fixed":"1bfcfea0fae0d0a6c6ff5543e6d704b3807b83ce"},{"fixed":"7291af9a738d936c2d6869d030711dceb68404d0"},{"fixed":"6cf1a126de2992b4efe1c3c4d398f8de4aed6e3f"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53611.json"}}],"schema_version":"1.7.5"}