Memory Leak Vulnerability in Linux Kernel USB Component by The Linux Foundation
CVE-2023-53404

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 18 September 2025

What is CVE-2023-53404?

A memory leak vulnerability in the USB component of the Linux kernel has been addressed. When debugfs_lookup() is invoked, it’s crucial to ensure that dput() is called on the result to prevent accumulated memory leaks over time. The recommended approach to avoid this issue is to use debugfs_lookup_and_remove(), which simplifies the process by managing the necessary logic, thereby enhancing the stability and performance of the system.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 4a71b15744b8f286718722f80b663c06ed909d8a

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 7d2d3bef6d700eb4261fb6761de2c95a9e3c0ac8

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 55c2ffc534928f4732199617e3b746d79a57898f

References

https://git.kernel.org/stable/c/4a71b15744b8f286718722f80...

https://git.kernel.org/stable/c/7d2d3bef6d700eb4261fb6761...

https://git.kernel.org/stable/c/55c2ffc534928f4732199617e...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 18, 2025
Vulnerability Reserved
Sep 17, 2025