vulnerability

Huawei EulerOS: CVE-2023-52653: kernel security update

Severity
5
CVSS
(AV:L/AC:L/Au:S/C:N/I:N/A:C)
Published
05/01/2024
Added
07/16/2024
Modified
02/18/2025

Description

In the Linux kernel, the following vulnerability has been resolved:

SUNRPC: fix a memleak in gss_import_v2_context

The ctx->mech_used.data allocated by kmemdup is not freed in neither
gss_import_v2_context nor it only caller gss_krb5_import_sec_context,
which frees ctx on error.

Thus, this patch reform the last call of gss_import_v2_context to the
gss_krb5_import_ctx_v2, preventing the memleak while keepping the return
formation.

Solution(s)

huawei-euleros-2_0_sp10-upgrade-kernelhuawei-euleros-2_0_sp10-upgrade-kernel-abi-stablelistshuawei-euleros-2_0_sp10-upgrade-kernel-toolshuawei-euleros-2_0_sp10-upgrade-kernel-tools-libshuawei-euleros-2_0_sp10-upgrade-python3-perf
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.