CVE-2023-53411

Summary

In the Linux kernel, the following vulnerability has been resolved:

PM: EM: fix memory leak with using debugfs_lookup()

When calling debugfs_lookup() the result must have dput() called on it, otherwise the memory will leak over time. To make things simpler, just call debugfs_lookup_and_remove() instead which handles all of the logic at once.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux27871f7a8a341ef5c636a337856369acf8013e4e < e974e8f1e37d22c0de07374f8ddc84073fef2f1daffected
LinuxLinux27871f7a8a341ef5c636a337856369acf8013e4e < 84e4d4885d0ae011860fb599d50d01b8fdca2b87affected
LinuxLinux27871f7a8a341ef5c636a337856369acf8013e4e < 5100c4efc30636aa48ac517dece3c3b7f84fe367affected
LinuxLinux27871f7a8a341ef5c636a337856369acf8013e4e < 30fee10192e1239478a0987bc7ee445d5e980d46affected
LinuxLinux27871f7a8a341ef5c636a337856369acf8013e4e < a0e8c13ccd6a9a636d27353da62c2410c4eca337affected
LinuxLinux5.0affected
LinuxLinux0 < 5.0unaffected
LinuxLinux5.10.173 <= 5.10.*unaffected
LinuxLinux5.15.99 <= 5.15.*unaffected
LinuxLinux6.1.16 <= 6.1.*unaffected
LinuxLinux6.2.3 <= 6.2.*unaffected
LinuxLinux6.3 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References