Home

Description

In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix tags leak when shrink nr_hw_queues Although we don't need to realloc set->tags[] when shrink nr_hw_queues, we need to free them. Or these tags will be leaked. How to reproduce: 1. mount -t configfs configfs /mnt 2. modprobe null_blk nr_devices=0 submit_queues=8 3. mkdir /mnt/nullb/nullb0 4. echo 1 > /mnt/nullb/nullb0/power 5. echo 4 > /mnt/nullb/nullb0/submit_queues 6. rmdir /mnt/nullb/nullb0 In step 4, will alloc 9 tags (8 submit queues and 1 poll queue), then in step 5, new_nr_hw_queues = 5 (4 submit queues and 1 poll queue). At last in step 6, only these 5 tags are freed, the other 4 tags leaked.

PUBLISHED Reserved 2025-12-30 | Published 2025-12-30 | Updated 2025-12-30 | Assigner Linux

Product status

Default status
unaffected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 (git) before c0ef7493e68b8896806a2f598fcffbaa97333405
affected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 (git) before e1dd7bc93029024af5688253b0c05181d6e01f8e
affected

Default status
affected

6.5.5 (semver)
unaffected

6.6 (original_commit_for_fix)
unaffected

References

git.kernel.org/...c/c0ef7493e68b8896806a2f598fcffbaa97333405

git.kernel.org/...c/e1dd7bc93029024af5688253b0c05181d6e01f8e

cve.org (CVE-2023-54227)

nvd.nist.gov (CVE-2023-54227)

Download JSON

Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.