CVE-2023-53697 — Missing Release of Resource after Effective Lifetime in Linux

CWE-772 — Missing Release of Resource after Effective Lifetime6 documents5 sources

Severity

4.7MEDIUM

No vector

EPSS

0.0%

top 92.28%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux

Timeline

PublishedOct 22

Description

In the Linux kernel, the following vulnerability has been resolved: nvdimm: Fix memleak of pmu attr_groups in unregister_nvdimm_pmu() Memory pointed by 'nd_pmu->pmu.attr_groups' is allocated in function 'register_nvdimm_pmu' and is lost after 'kfree(nd_pmu)' call in function 'unregister_nvdimm_pmu'.

Affected Packages4 packages

▶Linuxlinux/linux_kernel5.18.0 — 6.1.53+2

▶Debianlinux/linux_kernel< 6.1.55-1+2

▶CVEListV5linux/linux0fab1ba6ad6ba1f76380f92ead95c6e861ef8116 — 500a6ff9c2a81348fe0f04e2deb758145e8ab94e+4

▶debiandebian/linux< linux 6.1.55-1 (bookworm)

🔴Vulnerability Details

OSV

nvdimm: Fix memleak of pmu attr_groups in unregister_nvdimm_pmu()↗2025-10-22

▶

OSV

CVE-2023-53697: In the Linux kernel, the following vulnerability has been resolved: nvdimm: Fix memleak of pmu attr_groups in unregister_nvdimm_pmu() Memory pointed b↗2025-10-22

▶

GHSA

GHSA-xrjw-43g7-84q8: In the Linux kernel, the following vulnerability has been resolved: nvdimm: Fix memleak of pmu attr_groups in unregister_nvdimm_pmu() Memory pointed↗2025-10-22

▶

📋Vendor Advisories

Red Hat

kernel: nvdimm: Fix memleak of pmu attr_groups in unregister_nvdimm_pmu()↗2025-10-22

▶

Debian

CVE-2023-53697: linux - In the Linux kernel, the following vulnerability has been resolved: nvdimm: Fix...↗2023

▶