CVE-2023-53449 - Vulnerability Details

In the Linux kernel, the following vulnerability has been resolved: s390/dasd: Fix potential memleak in dasd_eckd_init() `dasd_reserve_req` is allocated before `dasd_vol_info_req`, and it also needs to be freed before the error returns, just like the other cases in this function.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00032.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel

No data.

OpenCVE Enrichment is a feature of OpenCVE that uses AI to automatically link vendors and products to CVEs. Learn more on GitHub.

Vendors	Products
Linux	Linux Kernel

References

Link	Providers
https://git.kernel.org/stable/c/460e9bed82e49db1b823dcb4e421783854d86c40
https://git.kernel.org/stable/c/544a552be0869231799784279d52704c4d314d33
https://git.kernel.org/stable/c/a50e28d433acf22258f9f34831057387f04ef074
https://git.kernel.org/stable/c/aede5230d154b6b237985ec9df7ebbd1dce96810
https://git.kernel.org/stable/c/ee986d80acdef710a886be404308188ea11000c8
https://git.kernel.org/stable/c/ef3a7ffc0a6f833578bc8d1dcb79d0633c7e4ec3
https://lore.kernel.org/linux-cve-announce/2025100103-CVE-2023-53449-b49f@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2023-53449
https://www.cve.org/CVERecord?id=CVE-2023-53449

History

Thu, 02 Oct 2025 09:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Linux Linux linux Kernel
Vendors & Products		Linux Linux linux Kernel

Thu, 02 Oct 2025 00:15:00 +0000

Type	Values Removed	Values Added
References		https://lore.kernel.org/linux-cve-announce/2025100103-CVE-2023-53449-b49f@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2023-53449 https://www.cve.org/CVERecord?id=CVE-2023-53449
Metrics	threat_severity `None`	cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}` threat_severity `Low`

Wed, 01 Oct 2025 12:00:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: s390/dasd: Fix potential memleak in dasd_eckd_init() `dasd_reserve_req` is allocated before `dasd_vol_info_req`, and it also needs to be freed before the error returns, just like the other cases in this function.
Title		s390/dasd: Fix potential memleak in dasd_eckd_init()
References		https://git.kernel.org/stable/c/460e9bed82e49db1b823dcb4e421783854d86c40 https://git.kernel.org/stable/c/544a552be0869231799784279d52704c4d314d33 https://git.kernel.org/stable/c/a50e28d433acf22258f9f34831057387f04ef074 https://git.kernel.org/stable/c/aede5230d154b6b237985ec9df7ebbd1dce96810 https://git.kernel.org/stable/c/ee986d80acdef710a886be404308188ea11000c8 https://git.kernel.org/stable/c/ef3a7ffc0a6f833578bc8d1dcb79d0633c7e4ec3

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-10-01T11:42:21.371Z

Updated: 2025-10-01T11:42:21.371Z

Reserved: 2025-09-17T14:54:09.753Z

Link: CVE-2023-53449

Vulnrichment

No data.

NVD

Status : Awaiting Analysis

Published: 2025-10-01T12:15:41.250

Modified: 2025-10-02T19:12:17.160

Link: CVE-2023-53449

Redhat

Severity : Low

Publid Date: 2025-10-01T00:00:00Z

Links: CVE-2023-53449 - Bugzilla

OpenCVE Enrichment

Updated: 2025-10-02T08:39:40Z

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object

JSON object