CVE-2023-53725 — Missing Release of Memory after Effective Lifetime in Linux

7 documents6 sources

Severity

—N/A

No vector

EPSS

0.0%

top 88.01%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux +1 more

Timeline

PublishedOct 22

Latest updateJan 27

Description

In the Linux kernel, the following vulnerability has been resolved: clocksource/drivers/cadence-ttc: Fix memory leak in ttc_timer_probe Smatch reports: drivers/clocksource/timer-cadence-ttc.c:529 ttc_timer_probe() warn: 'timer_baseaddr' from of_iomap() not released on lines: 498,508,516. timer_baseaddr may have the problem of not being released after use, I replaced it with the devm_of_iomap() function and added the clk_put() function to cleanup the "clk_ce" and "clk_cs".

Affected Packages5 packages

▶Linuxlinux/linux_kernel3.10.0 — 4.19.291+6

▶Debianlinux/linux_kernel< 5.10.191-1+3

▶CVEListV5linux/linuxe932900a3279b5dbb6d8f43c7b369003620e137c — e0a9cc90ea44a50d76a84f9f9bf1703d31fe45e9+8

▶debiandebian/linux< linux 6.1.52-1 (bookworm)

▶googlegoogle/chrome_chrome

🔴Vulnerability Details

GHSA

GHSA-2gf7-3qxp-c9rr: In the Linux kernel, the following vulnerability has been resolved: clocksource/drivers/cadence-ttc: Fix memory leak in ttc_timer_probe Smatch repor↗2025-10-22

▶

OSV

CVE-2023-53725: In the Linux kernel, the following vulnerability has been resolved: clocksource/drivers/cadence-ttc: Fix memory leak in ttc_timer_probe Smatch reports↗2025-10-22

▶

OSV

clocksource/drivers/cadence-ttc: Fix memory leak in ttc_timer_probe↗2025-10-22

▶

📋Vendor Advisories

Chrome

Stable Channel Update for ChromeOS / ChromeOS Flex: CVE-2023-53725↗2026-01-27

▶

Red Hat

kernel: clocksource/drivers/cadence-ttc: Fix memory leak in ttc_timer_probe↗2025-10-22

▶

Debian

CVE-2023-53725: linux - In the Linux kernel, the following vulnerability has been resolved: clocksource...↗2023

▶