CVE-2023-54171
Description
In the Linux kernel, the following vulnerability has been resolved:
tracing: Fix memory leak of iter->temp when reading trace_pipe
kmemleak reports: unreferenced object 0xffff88814d14e200 (size 256): comm "cat", pid 336, jiffies 4294871818 (age 779.490s) hex dump (first 32 bytes): 04 00 01 03 00 00 00 00 08 00 00 00 00 00 00 00 ................ 0c d8 c8 9b ff ff ff ff 04 5a ca 9b ff ff ff ff .........Z...... backtrace: [] __kmalloc+0x4f/0x140 [] trace_find_next_entry+0xbb/0x1d0 [] trace_print_lat_context+0xaf/0x4e0 [] print_trace_line+0x3e0/0x950 [] tracing_read_pipe+0x2d9/0x5a0 [] vfs_read+0x143/0x520 [] ksys_read+0xbd/0x160 [] do_syscall_64+0x3f/0x90 [] entry_SYSCALL_64_after_hwframe+0x6e/0xd8
when reading file 'trace_pipe', 'iter->temp' is allocated or relocated in trace_find_next_entry() but not freed before 'trace_pipe' is closed.
To fix it, free 'iter->temp' in tracing_release_pipe().
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Memory leak in Linux kernel's trace_pipe when reading; iter->temp not freed until pipe closed, leading to potential DoS.
Vulnerability
Description
In the Linux kernel, a memory leak vulnerability exists in the tracing subsystem when reading from the 'trace_pipe' file. The leak originates from 'iter->temp', which is allocated or relocated by trace_find_next_entry() during each read operation but is not freed until the file is closed. This oversight causes allocated memory to persist, accumulating over multiple read operations.
Exploitation
An unprivileged user with access to the 'trace_pipe' file can trigger the leak by repeatedly reading from it. No special privileges are required beyond the ability to open and read the file, which is typically accessible to users in the 'trace' group or with root privileges. The attack surface is local, as the file resides in the debugfs or tracefs filesystem.
Impact
Repeated exploitation leads to gradual memory depletion, potentially causing system instability or denial-of-service conditions. While not directly exploitable for privilege escalation or code execution, the leak can degrade system performance and availability.
Mitigation
The fix, which frees 'iter->temp' in tracing_release_pipe(), has been applied to the mainline kernel and backported to stable branches, as seen in commits [1][2]. Users are advised to update to the latest patched kernel version for their distribution.
AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
1Patches
51a1e793e021d954792db9f61be970e22c53d3f42d57a76e7d5a821896360Vulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
5- git.kernel.org/stable/c/1a1e793e021d75cd0accd8f329ec9456e5cd105envd
- git.kernel.org/stable/c/3f42d57a76e7e96585f08855554e002218cbca0cnvd
- git.kernel.org/stable/c/954792db9f61b6c0b8a94b8831fed5f146014029nvd
- git.kernel.org/stable/c/be970e22c53d5572b2795b79da9716ada937023bnvd
- git.kernel.org/stable/c/d5a821896360cc8b93a15bd888fabc858c038dc0nvd
News mentions
0No linked articles in our index yet.