drivers: base: dd: fix memory leak with using debugfs_lookup()
CVE-2023-53390

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 18 September 2025

What is CVE-2023-53390?

In the Linux kernel, the following vulnerability has been resolved:

drivers: base: dd: fix memory leak with using debugfs_lookup()

When calling debugfs_lookup() the result must have dput() called on it, otherwise the memory will leak over time. To make things simpler, just call debugfs_lookup_and_remove() instead which handles all of the logic at once.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 7f1e53f88e8babf293ec052b70aa9d2a3554360c

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 5a7a9efdb193d3c8a35821548a8e99612c358828

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 8e47e2bf78812adbd73c45c941d3c51add30b58d

References

https://git.kernel.org/stable/c/7f1e53f88e8babf293ec052b7...

https://git.kernel.org/stable/c/5a7a9efdb193d3c8a35821548...

https://git.kernel.org/stable/c/8e47e2bf78812adbd73c45c94...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 18, 2025
Vulnerability Reserved
Sep 17, 2025