Memory Leak Issue in Linux Kernel USB Gadget Functionality
CVE-2023-53405

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 18 September 2025

What is CVE-2023-53405?

A memory leak vulnerability exists in the Linux kernel's USB gadget functionality. When using the 'debugfs_lookup()' function, if the resultant pointer is not properly released via 'dput()', memory leaks can accumulate over time, leading to inefficient memory usage. To address this issue, it is recommended to use 'debugfs_lookup_and_remove()', which simplifies the code by handling both lookup and deallocation in one operation, effectively preventing resource leaks.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 30f9ba2396a1130eef7f2d3ee7ee8037b7c25be9

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 0933eca15f5223b5c2412080c8c3de8758465c78

References

https://git.kernel.org/stable/c/30f9ba2396a1130eef7f2d3ee...

https://git.kernel.org/stable/c/be21a66e17ee0ab5f3513b6c8...

https://git.kernel.org/stable/c/0933eca15f5223b5c2412080c...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 18, 2025
Vulnerability Reserved
Sep 17, 2025