Memory Leak Vulnerability in Microchip VCAP API for Linux Kernel
CVE-2023-53303

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 16 September 2025

What is CVE-2023-53303?

A memory leak vulnerability in the Microchip VCAP API within the Linux kernel has been identified, specifically during the execution of the vcap_dup_rule() function. This issue arises when the configuration for CONFIG_VCAP_KUNIT_TEST is selected, leading to potential memory leaks if the kzalloc() operation is successful but the subsequent kmemdup() operation fails. As a result, allocated memory for 'duprule', 'ckf', and 'caf' is not properly freed, which can lead to system resource exhaustion over time. This vulnerability highlights the importance of proper memory management in kernel development.

Affected Version(s)

Linux 814e7693207f1bd936d600f9b5467f133e3d6e40

Linux 814e7693207f1bd936d600f9b5467f133e3d6e40 < 281f65d29d6da1a9b6907fb0b145aaf34f4e4822

Linux 6.3

References

https://git.kernel.org/stable/c/a26ba60413b2c8f95daf0ee01...

https://git.kernel.org/stable/c/281f65d29d6da1a9b6907fb0b...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 16, 2025
Vulnerability Reserved
Sep 16, 2025