CVE-2023-53852
Description
In the Linux kernel, the following vulnerability has been resolved:
nvme-core: fix memory leak in dhchap_secret_store
Free dhchap_secret in nvme_ctrl_dhchap_secret_store() before we return fix following kmemleack:-
unreferenced object 0xffff8886376ea800 (size 64): comm "check", pid 22048, jiffies 4344316705 (age 92.199s) hex dump (first 32 bytes): 44 48 48 43 2d 31 3a 30 30 3a 6e 78 72 35 4b 67 DHHC-1:00:nxr5Kg 75 58 34 75 6f 41 78 73 4a 61 34 63 2f 68 75 4c uX4uoAxsJa4c/huL backtrace: [<0000000030ce5d4b>] __kmalloc+0x4b/0x130 [<000000009be1cdc1>] nvme_ctrl_dhchap_secret_store+0x8f/0x160 [nvme_core] [<00000000ac06c96a>] kernfs_fop_write_iter+0x12b/0x1c0 [<00000000437e7ced>] vfs_write+0x2ba/0x3c0 [<00000000f9491baf>] ksys_write+0x5f/0xe0 [<000000001c46513d>] do_syscall_64+0x3b/0x90 [<00000000ecf348fe>] entry_SYSCALL_64_after_hwframe+0x72/0xdc unreferenced object 0xffff8886376eaf00 (size 64): comm "check", pid 22048, jiffies 4344316736 (age 92.168s) hex dump (first 32 bytes): 44 48 48 43 2d 31 3a 30 30 3a 6e 78 72 35 4b 67 DHHC-1:00:nxr5Kg 75 58 34 75 6f 41 78 73 4a 61 34 63 2f 68 75 4c uX4uoAxsJa4c/huL backtrace: [<0000000030ce5d4b>] __kmalloc+0x4b/0x130 [<000000009be1cdc1>] nvme_ctrl_dhchap_secret_store+0x8f/0x160 [nvme_core] [<00000000ac06c96a>] kernfs_fop_write_iter+0x12b/0x1c0 [<00000000437e7ced>] vfs_write+0x2ba/0x3c0 [<00000000f9491baf>] ksys_write+0x5f/0xe0 [<000000001c46513d>] do_syscall_64+0x3b/0x90 [<00000000ecf348fe>] entry_SYSCALL_64_after_hwframe+0x72/0xdc
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A memory leak in Linux kernel's nvme-core dhchap_secret_store function can be triggered by repeatedly writing NVMe DHCHAP secrets, leading to kernel memory exhaustion.
Vulnerability
Analysis
The vulnerability is a memory leak in the Linux kernel's NVMe core subsystem, specifically in the nvme_ctrl_dhchap_secret_store() function. This function is responsible for storing DHCHAP (Diffie-Hellman Challenge Handshake Authentication Protocol) secrets used for NVMe over Fabrics authentication. The leak occurs because the function allocates memory for the secret string but fails to free it when the operation completes or encounters an error, resulting in unreferenced memory objects [1].
The kernel memory leak can be triggered by writing DHCHAP secrets via the sysfs interface (/sys/class/nvme/nvmeX/dhchap_secret). Each write operation allocates a new copy of the secret string using kmalloc, but the allocated memory is not released after use. Over time, repeated writes cause the kernel to accumulate multiple copies of the secret, consuming memory without bound [1].
Impact & Mitigation
An attacker with local access or the ability to write to the sysfs attribute (which typically requires root or CAP_SYS_ADMIN privileges) can cause a gradual depletion of kernel memory. This can lead to system instability, denial of service, or potential out-of-memory conditions affecting other processes. The fix ensures that the allocated secret buffer is freed before returning from the function [1].
The patch has been merged into the Linux kernel stable tree. Users are advised to apply the patch corresponding to commit a836ca33c5b07d34dd5347af9f64d25651d12674 or update to a kernel version containing this fix [1].
AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2Patches
46a5eda501795a836ca33c5b02e9b14130755c41ac086d2abVulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
4News mentions
0No linked articles in our index yet.