CVE-2023-54146 - Vulnerability Details

In the Linux kernel, the following vulnerability has been resolved: x86/kexec: Fix double-free of elf header buffer After b3e34a47f989 ("x86/kexec: fix memory leak of elf header buffer"), freeing image->elf_headers in the error path of crash_load_segments() is not needed because kimage_file_post_load_cleanup() will take care of that later. And not clearing it could result in a double-free. Drop the superfluous vfree() call at the error path of crash_load_segments().

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel

No data.

References

Link	Providers
https://git.kernel.org/stable/c/4c71a552b97fb4f46eb300224434fe56fcf4f254
https://git.kernel.org/stable/c/554a880a1fff46dd5a355dec21cd77d542a0ddf2
https://git.kernel.org/stable/c/5bd3c7abeb69fb4133418b846a1c6dc11313d6f0
https://git.kernel.org/stable/c/d00dd2f2645dca04cf399d8fc692f3f69b6dd996
https://git.kernel.org/stable/c/fbdbf8ac333d3d47c0d9ea81d7d445654431d100

History

Wed, 24 Dec 2025 13:15:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: x86/kexec: Fix double-free of elf header buffer After b3e34a47f989 ("x86/kexec: fix memory leak of elf header buffer"), freeing image->elf_headers in the error path of crash_load_segments() is not needed because kimage_file_post_load_cleanup() will take care of that later. And not clearing it could result in a double-free. Drop the superfluous vfree() call at the error path of crash_load_segments().
Title		x86/kexec: Fix double-free of elf header buffer
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/4c71a552b97fb4f46eb300224434fe56fcf4f254 https://git.kernel.org/stable/c/554a880a1fff46dd5a355dec21cd77d542a0ddf2 https://git.kernel.org/stable/c/5bd3c7abeb69fb4133418b846a1c6dc11313d6f0 https://git.kernel.org/stable/c/d00dd2f2645dca04cf399d8fc692f3f69b6dd996 https://git.kernel.org/stable/c/fbdbf8ac333d3d47c0d9ea81d7d445654431d100

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-12-24T13:06:58.904Z

Updated: 2025-12-24T13:06:58.904Z

Reserved: 2025-12-24T13:02:52.523Z

Link: CVE-2023-54146

Vulnrichment

No data.

NVD

Status : Received

Published: 2025-12-24T13:16:16.607

Modified: 2025-12-24T13:16:16.607

Link: CVE-2023-54146

Redhat

No data.

OpenCVE Enrichment

No data.

Metrics

Affected Vendors & Products

Metrics

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object

JSON object