CVE-2023-53407

Summary

In the Linux kernel, the following vulnerability has been resolved:

USB: gadget: pxa27x_udc: fix memory leak with using debugfs_lookup()

When calling debugfs_lookup() the result must have dput() called on it, otherwise the memory will leak over time. To make things simpler, just call debugfs_lookup_and_remove() instead which handles all of the logic at once.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux8efd88f946017b69af67931a133b6dce92c27fd0 < 8da78a60f3323ce7aac589d49fb82f71a04bc835affected
LinuxLinux8efd88f946017b69af67931a133b6dce92c27fd0 < b14d188d0d0b86e2180525aefd570dbb6ebd6aa9affected
LinuxLinux8efd88f946017b69af67931a133b6dce92c27fd0 < 67c931a3f2f061bf457995fd21fff114325e0c30affected
LinuxLinux8efd88f946017b69af67931a133b6dce92c27fd0 < 7a6952fa0366d4408eb8695af1a0578c39ec718aaffected
LinuxLinux5.14affected
LinuxLinux0 < 5.14unaffected
LinuxLinux5.15.100 <= 5.15.*unaffected
LinuxLinux6.1.18 <= 6.1.*unaffected
LinuxLinux6.2.5 <= 6.2.*unaffected
LinuxLinux6.3 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References