Memory Leak Vulnerability in Linux Kernel's USB Gadget Driver by Broadcom
CVE-2023-53412
Currently unrated
What is CVE-2023-53412?
A memory leak has been identified within the USB gadget driver in the Linux kernel, specifically related to the bcm63xx_udc. The issue arises from the improper handling of memory when utilizing the debugfs_lookup() function. If the dput() function is not called after debugfs_lookup(), it leads to a gradual increase in memory usage, potentially affecting system performance. The recommended resolution is to use the debugfs_lookup_and_remove() function instead, which integrates both lookup and memory management logic, thus preventing the leak.
Affected Version(s)
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 31de0b70ae5661a407e9d578bbc41de2d83ac25d
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2