CVE-2023-53416

Summary

In the Linux kernel, the following vulnerability has been resolved:

USB: isp1362: fix memory leak with using debugfs_lookup()

When calling debugfs_lookup() the result must have dput() called on it, otherwise the memory will leak over time. To make things simpler, just call debugfs_lookup_and_remove() instead which handles all of the logic at once.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux7347f4b95f645f7c89b9294ca1b561c25d05a224 < fb284bee1e213c94be9131d1aca7c16bd6ba259daffected
LinuxLinux7347f4b95f645f7c89b9294ca1b561c25d05a224 < b0a8195a84a725ca7936c213b5e056d2a3ab2a94affected
LinuxLinux7347f4b95f645f7c89b9294ca1b561c25d05a224 < 9d537c35e48feba9d450acca0ff14a55ce1ec450affected
LinuxLinux7347f4b95f645f7c89b9294ca1b561c25d05a224 < c26e682afc14caa87d44beed271eec8991e93c65affected
LinuxLinux5.13affected
LinuxLinux0 < 5.13unaffected
LinuxLinux5.15.100 <= 5.15.*unaffected
LinuxLinux6.1.18 <= 6.1.*unaffected
LinuxLinux6.2.5 <= 6.2.*unaffected
LinuxLinux6.3 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References