Memory Leak in Linux Kernel's Ext4 File System Repository
CVE-2023-53662

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 7 October 2025

What is CVE-2023-53662?

A memory leak vulnerability exists in the Linux kernel's ext4 file system that occurs during filename casefolding when certain operations fail. Specifically, if the filename casefolding fails, memory allocated for fscrypt_name struct can be leaked from the 'crypto_buf.name' member. Developers should ensure that this memory is appropriately freed during error handling within the ext4_fname_setup_filename() and ext4_fname_prepare_lookup() functions to prevent potential resource depletion.

Affected Version(s)

Linux 1ae98e295fa2577fb5e492200c58d10230e00e99 < 1fb3f1bbfdb511034b0360dbeb0f6a8424ed2a5c

Linux 1ae98e295fa2577fb5e492200c58d10230e00e99 < 36daf050be3f6f067631dc52054de2d3b7cc849f

Linux 1ae98e295fa2577fb5e492200c58d10230e00e99 < 7ca4b085f430f3774c3838b3da569ceccd6a0177

References

https://git.kernel.org/stable/c/1fb3f1bbfdb511034b0360dbe...

https://git.kernel.org/stable/c/36daf050be3f6f067631dc520...

https://git.kernel.org/stable/c/7ca4b085f430f3774c3838b3d...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 7, 2025
Vulnerability Reserved
Oct 7, 2025

JSON