#VU120303 Memory leak in Linux kernel - CVE-2023-54064
Published: December 26, 2025 / Updated: December 31, 2025
Vulnerability identifier: #VU120303
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2023-54064
CWE-ID: CWE-401
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
Linux kernel
Linux kernel
Software vendor:
Linux Foundation
Linux Foundation
Description
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ssif_info_find() function in drivers/char/ipmi/ipmi_ssif.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's repository.
External links
- https://git.kernel.org/stable/c/13623b966bb6d36ba61646b69cd49cdac6e4978a
- https://git.kernel.org/stable/c/3ad53071fe8547eb8d8813971844cc43246008ee
- https://git.kernel.org/stable/c/74a1194cce60a90723d0fe148863c18931a31153
- https://git.kernel.org/stable/c/7db16d2e791bf2ec3e0249f56b7ec81c35bba6e6
- https://git.kernel.org/stable/c/b870caeb18041f856893066ded81c560db3d56cc
- https://git.kernel.org/stable/c/b8d72e32e1453d37ee5c8a219f24e7eeadc471ef
- https://git.kernel.org/stable/c/de677f4379fa67f650e367c188a0f80bee9b6732
- https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.257