CVE-2023-53353

Summary

In the Linux kernel, the following vulnerability has been resolved:

accel/habanalabs: postpone mem_mgr IDR destruction to hpriv_release()

The memory manager IDR is currently destroyed when user releases the file descriptor. However, at this point the user context might be still held, and memory buffers might be still in use. Later on, calls to release those buffers will fail due to not finding their handles in the IDR, leading to a memory leak. To avoid this leak, split the IDR destruction from the memory manager fini, and postpone it to hpriv_release() when there is no user context and no buffers are used.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux0feaf86d4e69507ab9b2af7dcc63a6886352d5db < 840de329ca99cafd0cdde9c6ac160b1330942abaaffected
LinuxLinux0feaf86d4e69507ab9b2af7dcc63a6886352d5db < 2e8e9a895c4589f124a37fc84d123b5114406e94affected
LinuxLinux5.1affected
LinuxLinux0 < 5.1unaffected
LinuxLinux6.3.4 <= 6.3.*unaffected
LinuxLinux6.4 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References