Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: erofs: fix memory leak of LZMA global compressed deduplication When stressing microLZMA EROFS images with the new global compressed deduplication feature enabled (`-Ededupe`), I found some short-lived temporary pages weren't properly released, which could slowly cause unexpected OOMs hours later. Let's fix it now (LZ4 and DEFLATE don't have this issue.)
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | >= 6.1, < 6.1.57 |
Related Weaknesses (CWE)
References
- https://git.kernel.org/stable/c/6a5a8f0a9740f865693d5aa97a42cc4504538e18Patch
- https://git.kernel.org/stable/c/75a5221630fe5aa3fedba7a06be618db0f79ba1ePatch
- https://git.kernel.org/stable/c/c955751cbf864cf2055117dd3fe7f780d2a57b56Patch
- https://git.kernel.org/stable/c/6a5a8f0a9740f865693d5aa97a42cc4504538e18Patch
- https://git.kernel.org/stable/c/75a5221630fe5aa3fedba7a06be618db0f79ba1ePatch
- https://git.kernel.org/stable/c/c955751cbf864cf2055117dd3fe7f780d2a57b56Patch
FAQ
What is CVE-2023-52526?
CVE-2023-52526 is a vulnerability with a CVSS score of 5.5 (MEDIUM). In the Linux kernel, the following vulnerability has been resolved: erofs: fix memory leak of LZMA global compressed deduplication When stressing microLZMA EROFS images with the new global compresse...
How severe is CVE-2023-52526?
CVE-2023-52526 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-52526?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.