Homepage

Release of Invalid Pointer or Reference The advisory has been revoked - it doesn't affect any version of package kernel-abi-whitelists  (opens in a new tab)

Threat Intelligence

EPSS
0.03% (9th percentile)

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications
  • Snyk IDSNYK-CENTOS8-KERNELABIWHITELISTS-14331857
  • published10 Dec 2025
  • disclosed8 Dec 2025
Report a new vulnerability Found a mistake?

Introduced: 8 Dec 2025

NewCVE-2023-53746  (opens in a new tab)
CWE-763  (opens in a new tab)

Amendment

The Centos security team deemed this advisory irrelevant for Centos:8.

NVD Description

Note: Versions mentioned in the description apply only to the upstream kernel-abi-whitelists package and not the kernel-abi-whitelists package as distributed by Centos.

In the Linux kernel, the following vulnerability has been resolved:

s390/vfio-ap: fix memory leak in vfio_ap device driver

The device release callback function invoked to release the matrix device uses the dev_get_drvdata(device *dev) function to retrieve the pointer to the vfio_matrix_dev object in order to free its storage. The problem is, this object is not stored as drvdata with the device; since the kfree function will accept a NULL pointer, the memory for the vfio_matrix_dev object is never freed.

Since the device being released is contained within the vfio_matrix_dev object, the container_of macro will be used to retrieve its pointer.