CVE-2023-54024
Severity CVSS v4.0: Pending analysis
Type: Unavailable / Other
Publication date: 24/12/2025
Last modified: 29/12/2025
Description
In the Linux kernel, the following vulnerability has been resolved:

KVM: Destroy target device if coalesced MMIO unregistration fails

Destroy and free the target coalesced MMIO device if unregistering said
device fails. As clearly noted in the code, kvm_io_bus_unregister_dev()
does not destroy the target device.

BUG: memory leak
unreferenced object 0xffff888112a54880 (size 64):
comm "syz-executor.2", pid 5258, jiffies 4297861402 (age 14.129s)
hex dump (first 32 bytes):
38 c7 67 15 00 c9 ff ff 38 c7 67 15 00 c9 ff ff 8.g.....8.g.....
e0 c7 e1 83 ff ff ff ff 00 30 67 15 00 c9 ff ff .........0g.....
backtrace:
[] kmalloc include/linux/slab.h:556 [inline]
[] kzalloc include/linux/slab.h:690 [inline]
[] kvm_vm_ioctl_register_coalesced_mmio+0x8e/0x3d0 arch/x86/kvm/../../../virt/kvm/coalesced_mmio.c:150
[] kvm_vm_ioctl+0x47d/0x1600 arch/x86/kvm/../../../virt/kvm/kvm_main.c:3323
[] vfs_ioctl fs/ioctl.c:46 [inline]
[] file_ioctl fs/ioctl.c:509 [inline]
[] do_vfs_ioctl+0xbab/0x1160 fs/ioctl.c:696
[] ksys_ioctl+0x76/0xa0 fs/ioctl.c:713
[] __do_sys_ioctl fs/ioctl.c:720 [inline]
[] __se_sys_ioctl fs/ioctl.c:718 [inline]
[] __x64_sys_ioctl+0x6f/0xb0 fs/ioctl.c:718
[] do_syscall_64+0x9f/0x4e0 arch/x86/entry/common.c:290
[] entry_SYSCALL_64_after_hwframe+0x49/0xbe

BUG: leak checking failed
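
A user-space C model of the ownership rule stated in the description, added here as an illustration and not taken from the kernel patch: the unregister call can fail and never frees the target, so the caller has to destroy the device on both paths. All names (io_device, bus_unregister, unregister_leaky, unregister_fixed, leaked_after) are hypothetical, and the failure is simulated with a flag.

```c
#include <errno.h>
#include <stdlib.h>

/* User-space model; every name here is hypothetical, not a kernel symbol. */
struct io_device { int detached; };
static int live_devices;                /* allocated and not yet freed */

void device_destroy(struct io_device *dev) { free(dev); live_devices--; }

/* Modelled contract: may fail, and never frees the target device. */
int bus_unregister(struct io_device *dev, int fail)
{
    dev->detached = 1;                  /* model assumption: off the bus either way */
    return fail ? -ENOMEM : 0;
}

/* Before: the destructor runs only when unregistration succeeds. */
int unregister_leaky(struct io_device *dev, int fail)
{
    int r = bus_unregister(dev, fail);
    if (!r)
        device_destroy(dev);
    return r;
}

/* After: destroy the target unconditionally, then report the result. */
int unregister_fixed(struct io_device *dev, int fail)
{
    int r = bus_unregister(dev, fail);
    device_destroy(dev);
    return r;
}

/* Devices still allocated after one register/unregister cycle. */
int leaked_after(int (*unregister)(struct io_device *, int), int fail)
{
    struct io_device *dev = calloc(1, sizeof(*dev));
    if (!dev)
        return -1;
    live_devices++;
    unregister(dev, fail);
    int leaked = live_devices;
    if (leaked)
        device_destroy(dev);            /* keep the model itself leak-free */
    return leaked;
}
```

Calling `leaked_after(unregister_leaky, 1)` reports one object left allocated, the analogue of the kmemleak "unreferenced object" above; `leaked_after(unregister_fixed, 1)` reports none.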
Impact
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/10c2a20d73e99463e69b7e92706791656adc16d7
- https://git.kernel.org/stable/c/76a9886e1b61ce5592df5ae78a19ed30399ae189
- https://git.kernel.org/stable/c/999439fd5da5a76253e2f2c37b94204f47d75491
- https://git.kernel.org/stable/c/b1cb1fac22abf102ffeb29dd3eeca208a3869d54
- https://git.kernel.org/stable/c/ccf6a7fb1aedb1472e1241ee55e4d26b68f8d066
- https://git.kernel.org/stable/c/fb436dd6914325075f07d19851ab277b7a693ae7



