CVE-2023-52702

net: openvswitch: fix possible memory leak in ovs_meter_cmd_set()

Description

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix possible memory leak in ovs_meter_cmd_set() old_meter needs to be free after it is detached regardless of whether the new meter is successfully attached.

Category

5.5
CVSS
Severity: Medium
CVSS 3.1 •
EPSS 0.06%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/c0f65ee0a3329eb4b94beaef0268633696e2d0c6 patch
https://git.kernel.org/stable/c/1563e998a938f095548054ef09e277b562b79536 patch
https://git.kernel.org/stable/c/e336a9e08618203a456fb5367f1387b14554f55e patch
https://git.kernel.org/stable/c/2fa28f5c6fcbfc794340684f36d2581b4f2d20b5 patch

Frequently Asked Questions

What is the severity of CVE-2023-52702?
CVE-2023-52702 has been scored as a medium severity vulnerability.
How to fix CVE-2023-52702?
To fix CVE-2023-52702, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2023-52702 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2023-52702 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2023-52702?
CVE-2023-52702 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.