{"id":"CVE-2023-53396","summary":"ubifs: Fix memory leak in do_rename","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nubifs: Fix memory leak in do_rename\n\nIf renaming a file in an encrypted directory, function\nfscrypt_setup_filename allocates memory for a file name. This name is\nnever used, and before returning to the caller the memory for it is not\nfreed.\n\nWhen running kmemleak on it we see that it is registered as a leak. The\nreport below is triggered by a simple program 'rename' that renames a\nfile in an encrypted directory:\n\n  unreferenced object 0xffff888101502840 (size 32):\n    comm \"rename\", pid 9404, jiffies 4302582475 (age 435.735s)\n    backtrace:\n      __kmem_cache_alloc_node\n      __kmalloc\n      fscrypt_setup_filename\n      do_rename\n      ubifs_rename\n      vfs_rename\n      do_renameat2\n\nTo fix this we can remove the call to fscrypt_setup_filename as it's not\nneeded.","modified":"2026-04-02T09:44:08.164015Z","published":"2025-09-18T13:33:37.360Z","related":["SUSE-SU-2025:03615-1","SUSE-SU-2025:03628-1","SUSE-SU-2025:3716-1","SUSE-SU-2025:3761-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53396.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/3a36d20e012903f45714df2731261fdefac900cb"},{"type":"WEB","url":"https://git.kernel.org/stable/c/43b2f7d690697182beed6f71aa57b7249d3cfc9c"},{"type":"WEB","url":"https://git.kernel.org/stable/c/517ddc0259d7a7231486bdafde8035c478bc4088"},{"type":"WEB","url":"https://git.kernel.org/stable/c/7e264f67b7d6580eff5c2696961039fd05c69258"},{"type":"WEB","url":"https://git.kernel.org/stable/c/9f565752b328fe53c9e42b7d4e4d89a1da63d738"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53396.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-53396"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"c67bc98d1f0853bb196e9c48eab38b6f2ddab795"},{"fixed":"43b2f7d690697182beed6f71aa57b7249d3cfc9c"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"278d9a243635f26c05ad95dcf9c5a593b9e04dc6"},{"fixed":"9f565752b328fe53c9e42b7d4e4d89a1da63d738"},{"fixed":"7e264f67b7d6580eff5c2696961039fd05c69258"},{"fixed":"517ddc0259d7a7231486bdafde8035c478bc4088"},{"fixed":"3a36d20e012903f45714df2731261fdefac900cb"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"0"},{"last_affected":"17495eb2f7f08113b50aba298c2c1a045824c4f7"},{"last_affected":"868de33a39e0e1e91ed3ce4a23a65f30144d2443"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-53396.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}]}