{"id":"CVE-2023-54154","summary":"scsi: target: core: Fix target_cmd_counter leak","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: target: core: Fix target_cmd_counter leak\n\nThe target_cmd_counter struct allocated via target_alloc_cmd_counter() is\nnever freed, resulting in leaks across various transport types, e.g.:\n\n unreferenced object 0xffff88801f920120 (size 96):\n  comm \"sh\", pid 102, jiffies 4294892535 (age 713.412s)\n  hex dump (first 32 bytes):\n    07 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................\n    00 00 00 00 00 00 00 00 38 01 92 1f 80 88 ff ff  ........8.......\n  backtrace:\n    [\u003c00000000e58a6252\u003e] kmalloc_trace+0x11/0x20\n    [\u003c0000000043af4b2f\u003e] target_alloc_cmd_counter+0x17/0x90 [target_core_mod]\n    [\u003c000000007da2dfa7\u003e] target_setup_session+0x2d/0x140 [target_core_mod]\n    [\u003c0000000068feef86\u003e] tcm_loop_tpg_nexus_store+0x19b/0x350 [tcm_loop]\n    [\u003c000000006a80e021\u003e] configfs_write_iter+0xb1/0x120\n    [\u003c00000000e9f4d860\u003e] vfs_write+0x2e4/0x3c0\n    [\u003c000000008143433b\u003e] ksys_write+0x80/0xb0\n    [\u003c00000000a7df29b2\u003e] do_syscall_64+0x42/0x90\n    [\u003c0000000053f45fb8\u003e] entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n\nFree the structure alongside the corresponding iscsit_conn / se_sess\nparent.","modified":"2026-04-02T09:45:38.632655Z","published":"2025-12-24T13:07:04.721Z","related":["SUSE-SU-2026:0278-1","SUSE-SU-2026:0281-1","SUSE-SU-2026:0293-1","SUSE-SU-2026:0315-1","SUSE-SU-2026:20477-1","SUSE-SU-2026:20498-1","SUSE-SU-2026:20845-1","SUSE-SU-2026:20876-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/54xxx/CVE-2023-54154.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/1cd41d1669bcbc5052afa897f85608a62ff3fb30"},{"type":"WEB","url":"https://git.kernel.org/stable/c/d14e3e553e05cb763964c991fe6acb0a6a1c6f9c"},{"type":"WEB","url":"https://git.kernel.org/stable/c/f84639c5ac5f4f95b3992da1af4ff382ebf2e819"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/54xxx/CVE-2023-54154.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-54154"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"76b77646f17118f5babe93c032e6b7a53bbde3b9"},{"fixed":"1cd41d1669bcbc5052afa897f85608a62ff3fb30"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"becd9be6069e7b183c084f460f0eb363e43cc487"},{"fixed":"f84639c5ac5f4f95b3992da1af4ff382ebf2e819"},{"fixed":"d14e3e553e05cb763964c991fe6acb0a6a1c6f9c"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"0"},{"last_affected":"bc5ebf93ae23a928303b3643c6f4c4da2f769e7c"},{"last_affected":"1eaaf1b828cdaa58abccc68962d24005fd5e8852"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-54154.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"6.1.55"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.2.0"},{"fixed":"6.5.5"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-54154.json"}}],"schema_version":"1.7.5"}