Memory Leak Vulnerability in Linux Kernel's USB Gadget Driver by Broadcom
CVE-2023-53412

5.5MEDIUM

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 18 September 2025

What is CVE-2023-53412?

A memory leak has been identified within the USB gadget driver in the Linux kernel, specifically related to the bcm63xx_udc. The issue arises from the improper handling of memory when utilizing the debugfs_lookup() function. If the dput() function is not called after debugfs_lookup(), it leads to a gradual increase in memory usage, potentially affecting system performance. The recommended resolution is to use the debugfs_lookup_and_remove() function instead, which integrates both lookup and memory management logic, thus preventing the leak.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 0cac357717168f84d2f75e884a9cff52e6471aaa

Linux 0cac357717168f84d2f75e884a9cff52e6471aaa < 31de0b70ae5661a407e9d578bbc41de2d83ac25d

Linux 0cac357717168f84d2f75e884a9cff52e6471aaa

References

https://git.kernel.org/stable/c/b0a2663ecbe8f65cd3bab2b34...

https://git.kernel.org/stable/c/31de0b70ae5661a407e9d578b...

https://git.kernel.org/stable/c/f30c7046dfa2748520a8045bb...

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 18, 2025
Vulnerability Reserved
Sep 17, 2025

JSON

Linux

What is CVE-2023-53412?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.