Memory Leak in Linux Kernel Affects VMWare Balloon Driver
CVE-2023-53279

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
16 September 2025

What is CVE-2023-53279?

A memory leak vulnerability has been identified in the Linux kernel's vmw_balloon driver, which can lead to excessive memory consumption over time. This issue arises when the debugfs_lookup() function is improperly utilized without a corresponding dput() call, preventing proper memory allocation release. To mitigate this issue, it is recommended to use the debugfs_lookup_and_remove() function, which encapsulates the necessary logic to prevent memory leaks efficiently.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

References

https://git.kernel.org/stable/c/b94b39bf3d545671f210a2257...
https://git.kernel.org/stable/c/d1c545e44c1ec08bef0c0c14e...
https://git.kernel.org/stable/c/f7651fa88b17c2d7af949981a...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2023-53279 : Memory Leak in Linux Kernel Affects VMWare Balloon Driver