CVE-2023-53693Missing Release of Memory after Effective Lifetime in Linux

6 documents5 sources
Severity
N/A
No vector
EPSS
0.0%
top 91.72%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedOct 22

Description

In the Linux kernel, the following vulnerability has been resolved: USB: gadget: Fix the memory leak in raw_gadget driver Currently, increasing raw_dev->count happens before invoke the raw_queue_event(), if the raw_queue_event() return error, invoke raw_release() will not trigger the dev_free() to be called. [ 268.905865][ T5067] raw-gadget.0 gadget.0: failed to queue event [ 268.912053][ T5067] udc dummy_udc.0: failed to start USB Raw Gadget: -12 [ 268.918885][ T5067] raw-gadget.0: probe of

Affected Packages4 packages

Linuxlinux/linux_kernel5.7.05.10.190+3
Debianlinux/linux_kernel< 5.10.191-1+3
CVEListV5linux/linuxf2c2e717642c66f7fe7e5dd69b2e8ff5849f4d1068e6287ac61dc22513cd39f02b9ac1fef28513e4+5
debiandebian/linux< linux 6.1.52-1 (bookworm)

🔴Vulnerability Details

3
OSV
USB: gadget: Fix the memory leak in raw_gadget driver2025-10-22
GHSA
GHSA-cf5g-vjxj-5fc7: In the Linux kernel, the following vulnerability has been resolved: USB: gadget: Fix the memory leak in raw_gadget driver Currently, increasing raw_2025-10-22
OSV
CVE-2023-53693: In the Linux kernel, the following vulnerability has been resolved: USB: gadget: Fix the memory leak in raw_gadget driver Currently, increasing raw_de2025-10-22

📋Vendor Advisories

2
Red Hat
kernel: USB: gadget: Fix the memory leak in raw_gadget driver2025-10-22
Debian
CVE-2023-53693: linux - In the Linux kernel, the following vulnerability has been resolved: USB: gadget...2023