Memory Leak in Linux Kernel's OV2740 Media Driver
CVE-2023-53349

5.5MEDIUM

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 17 September 2025

What is CVE-2023-53349?

A memory leak has been identified in the OV2740 media driver of the Linux kernel. Specifically, the function ov2740_init_controls() fails to release all allocated resources when encountering errors during initialization. This oversight can result in unreferenced objects persisting in memory. The issue becomes evident when utilizing the media/i2c/ov2740.c with a BPF mock device, leading to potential memory inefficiencies and increased resource consumption. Implementing the v4l2_ctrl_handler_free() function is a critical step to mitigate this condition and ensure robust memory management.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 866edc895171f1256aad3e81dce193447955c202

Linux 866edc895171f1256aad3e81dce193447955c202 < 3969b2ebc66039306f505c7c630c5530800f83c0

Linux 866edc895171f1256aad3e81dce193447955c202

References

https://git.kernel.org/stable/c/a163ee11345d8322321c28bd6...

https://git.kernel.org/stable/c/3969b2ebc66039306f505c7c6...

https://git.kernel.org/stable/c/fc33380ae06f438b652f66b93...

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 17, 2025
Vulnerability Reserved
Sep 16, 2025

JSON

Linux

What is CVE-2023-53349?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.