{
  "schema_version": "1.4.0",
  "id": "GHSA-427x-59vx-vjwq",
  "modified": "2025-09-18T15:30:34Z",
  "published": "2025-09-18T15:30:34Z",
  "aliases": [
    "CVE-2023-53396"
  ],
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nubifs: Fix memory leak in do_rename\n\nIf renaming a file in an encrypted directory, function\nfscrypt_setup_filename allocates memory for a file name. This name is\nnever used, and before returning to the caller the memory for it is not\nfreed.\n\nWhen running kmemleak on it we see that it is registered as a leak. The\nreport below is triggered by a simple program 'rename' that renames a\nfile in an encrypted directory:\n\n  unreferenced object 0xffff888101502840 (size 32):\n    comm \"rename\", pid 9404, jiffies 4302582475 (age 435.735s)\n    backtrace:\n      __kmem_cache_alloc_node\n      __kmalloc\n      fscrypt_setup_filename\n      do_rename\n      ubifs_rename\n      vfs_rename\n      do_renameat2\n\nTo fix this we can remove the call to fscrypt_setup_filename as it's not\nneeded.",
  "severity": [],
  "affected": [],
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53396"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/3a36d20e012903f45714df2731261fdefac900cb"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/43b2f7d690697182beed6f71aa57b7249d3cfc9c"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/517ddc0259d7a7231486bdafde8035c478bc4088"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/7e264f67b7d6580eff5c2696961039fd05c69258"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/9f565752b328fe53c9e42b7d4e4d89a1da63d738"
    }
  ],
  "database_specific": {
    "cwe_ids": [],
    "severity": null,
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-09-18T14:15:42Z"
  }
}