CVE-2023-53276

*** Pendiente de traducción *** In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> ubifs: Free memory for tmpfile name<br /> <br /> When opening a ubifs tmpfile on an encrypted directory, function<br /> fscrypt_setup_filename allocates memory for the name that is to be<br /> stored in the directory entry, but after the name has been copied to the<br /> directory entry inode, the memory is not freed.<br /> <br /> When running kmemleak on it we see that it is registered as a leak. The<br /> report below is triggered by a simple program &amp;#39;tmpfile&amp;#39; just opening a<br /> tmpfile:<br /> <br /> unreferenced object 0xffff88810178f380 (size 32):<br /> comm "tmpfile", pid 509, jiffies 4294934744 (age 1524.742s)<br /> backtrace:<br /> __kmem_cache_alloc_node<br /> __kmalloc<br /> fscrypt_setup_filename<br /> ubifs_tmpfile<br /> vfs_tmpfile<br /> path_openat<br /> <br /> Free this memory after it has been copied to the inode.