Memory Management Vulnerability in Linux Kernel Affecting Various Distros
CVE-2023-53353

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 17 September 2025

What is CVE-2023-53353?

A memory management vulnerability in the Linux kernel arises from improper handling of the memory manager IDR during file descriptor release. This issue can lead to memory leaks, as the IDR is destroyed while user contexts and memory buffers may still be active. To mitigate this risk, the IDR destruction process has been adjusted, ensuring it occurs only after all user contexts are released and memory buffers are no longer in use. This change enhances the stability and reliability of memory management within the kernel.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 840de329ca99cafd0cdde9c6ac160b1330942aba

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 2e8e9a895c4589f124a37fc84d123b5114406e94

Linux 6.3.4 <= 6.3.*

References

https://git.kernel.org/stable/c/840de329ca99cafd0cdde9c6a...

https://git.kernel.org/stable/c/2e8e9a895c4589f124a37fc84...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 17, 2025
Vulnerability Reserved
Sep 16, 2025