{"id":"CVE-2023-54091","summary":"drm/client: Fix memory leak in drm_client_target_cloned","details":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/client: Fix memory leak in drm_client_target_cloned\n\ndmt_mode is allocated and never freed in this function.\nIt was found with the ast driver, but most drivers using generic fbdev\nsetup are probably affected.\n\nThis fixes the following kmemleak report:\n  backtrace:\n    [\u003c00000000b391296d\u003e] drm_mode_duplicate+0x45/0x220 [drm]\n    [\u003c00000000e45bb5b3\u003e] drm_client_target_cloned.constprop.0+0x27b/0x480 [drm]\n    [\u003c00000000ed2d3a37\u003e] drm_client_modeset_probe+0x6bd/0xf50 [drm]\n    [\u003c0000000010e5cc9d\u003e] __drm_fb_helper_initial_config_and_unlock+0xb4/0x2c0 [drm_kms_helper]\n    [\u003c00000000909f82ca\u003e] drm_fbdev_client_hotplug+0x2bc/0x4d0 [drm_kms_helper]\n    [\u003c00000000063a69aa\u003e] drm_client_register+0x169/0x240 [drm]\n    [\u003c00000000a8c61525\u003e] ast_pci_probe+0x142/0x190 [ast]\n    [\u003c00000000987f19bb\u003e] local_pci_probe+0xdc/0x180\n    [\u003c000000004fca231b\u003e] work_for_cpu_fn+0x4e/0xa0\n    [\u003c0000000000b85301\u003e] process_one_work+0x8b7/0x1540\n    [\u003c000000003375b17c\u003e] worker_thread+0x70a/0xed0\n    [\u003c00000000b0d43cd9\u003e] kthread+0x29f/0x340\n    [\u003c000000008d770833\u003e] ret_from_fork+0x1f/0x30\nunreferenced object 0xff11000333089a00 (size 128):","modified":"2026-04-02T09:45:37.367222Z","published":"2025-12-24T13:06:20.376Z","related":["SUSE-SU-2026:0263-1","SUSE-SU-2026:0278-1","SUSE-SU-2026:0281-1","SUSE-SU-2026:0293-1","SUSE-SU-2026:0315-1","SUSE-SU-2026:0316-1","SUSE-SU-2026:0317-1","SUSE-SU-2026:0411-1","SUSE-SU-2026:0617-1","SUSE-SU-2026:20477-1","SUSE-SU-2026:20498-1","SUSE-SU-2026:20845-1","SUSE-SU-2026:20876-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/54xxx/CVE-2023-54091.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/105275879a80503686a8108af2f5c579a1c5aef4"},{"type":"WEB","url":"https://git.kernel.org/stable/c/4b596a6e2d2e0f9c14e4122506dd715f43fcd727"},{"type":"WEB","url":"https://git.kernel.org/stable/c/52daf6ba2e0d201640cb1ce42049c5c4426b4d6e"},{"type":"WEB","url":"https://git.kernel.org/stable/c/a4b978249e8fa94956fce8b70a709f7797716f62"},{"type":"WEB","url":"https://git.kernel.org/stable/c/a85e23a1ef63e45a18f0a30d7816fcb4a865ca95"},{"type":"WEB","url":"https://git.kernel.org/stable/c/b5359d7a5087ac398fc429da6833133b4784c268"},{"type":"WEB","url":"https://git.kernel.org/stable/c/c2a88e8bdf5f6239948d75283d0ae7e0c7945b03"},{"type":"WEB","url":"https://git.kernel.org/stable/c/d3009700f48602b557eade1f22c98b6bc20247e8"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/54xxx/CVE-2023-54091.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-54091"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"1d42bbc8f7f9ce4d852692ef7aa336b133b0830a"},{"fixed":"d3009700f48602b557eade1f22c98b6bc20247e8"},{"fixed":"a4b978249e8fa94956fce8b70a709f7797716f62"},{"fixed":"52daf6ba2e0d201640cb1ce42049c5c4426b4d6e"},{"fixed":"105275879a80503686a8108af2f5c579a1c5aef4"},{"fixed":"a85e23a1ef63e45a18f0a30d7816fcb4a865ca95"},{"fixed":"b5359d7a5087ac398fc429da6833133b4784c268"},{"fixed":"4b596a6e2d2e0f9c14e4122506dd715f43fcd727"},{"fixed":"c2a88e8bdf5f6239948d75283d0ae7e0c7945b03"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-54091.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"2.6.35"},{"fixed":"4.14.322"}]},{"type":"ECOSYSTEM","events":[{"introduced":"4.15.0"},{"fixed":"4.19.291"}]},{"type":"ECOSYSTEM","events":[{"introduced":"4.20.0"},{"fixed":"5.4.251"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.5.0"},{"fixed":"5.10.188"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.11.0"},{"fixed":"5.15.123"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.16.0"},{"fixed":"6.1.42"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.2.0"},{"fixed":"6.4.7"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-54091.json"}}],"schema_version":"1.7.5"}