CVE-2023-53637: Missing Release of Memory after Effective Lifetime in Linux

Severity: 5.5 MEDIUM (NVD)
EPSS: 0.0% (top 97.11%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Oct 7

Description

In the Linux kernel, the following vulnerability has been resolved:

media: i2c: ov772x: Fix memleak in ov772x_probe()

A memory leak was reported when testing ov772x with bpf mock device:

    AssertionError: unreferenced object 0xffff888109afa7a8 (size 8):
      comm "python3", pid 279, jiffies 4294805921 (age 20.681s)
      hex dump (first 8 bytes):
        80 22 88 15 81 88 ff ff  ."......
      backtrace:
        [] __kmalloc_node+0x44/0x1b0
        [] kvmalloc_node+0x34/0x180
        [] v4l2_ctrl_handler_init_class+0x11d/0x180 [videodev]
        [] ov

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Exploitability: 1.8 | Impact: 3.6

Affected Packages (4 packages)

NVD | linux/linux_kernel | 4.17 | 4.19.276 | +5
Debian | linux/linux_kernel | < 5.10.178-1 | +3
CVEListV5 | linux/linux | 1112babde21483d86ed3fbad1320b0ddf9ab2ece | cc3b6011d7a9f149489eb9420c6305a779162c57 | +7
debian | debian/linux | < linux 6.1.20-1 (bookworm)

Patches

Vulnerability Details (2)

OSV (2025-10-07)
CVE-2023-53637: In the Linux kernel, the following vulnerability has been resolved: media: i2c: ov772x: Fix memleak in ov772x_probe() A memory leak was reported when
GHSA (2025-10-07)
GHSA-9w73-69h2-5rjg: In the Linux kernel, the following vulnerability has been resolved: media: i2c: ov772x: Fix memleak in ov772x_probe() A memory leak was reported whe

Vendor Advisories (2)

Red Hat (2025-10-07)
kernel: media: i2c: ov772x: Fix memleak in ov772x_probe()
Debian (2023)
CVE-2023-53637: linux - In the Linux kernel, the following vulnerability has been resolved: media: i2c:...