Memory Leak Vulnerability in Linux Kernel Affects USB Subsystem
CVE-2023-53417

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 18 September 2025

What is CVE-2023-53417?

A memory leak vulnerability exists in the Linux kernel's USB subsystem, specifically within the handling of the debugfs_lookup() function. If not properly addressed, the failure to call dput() after using debugfs_lookup() can lead to increased memory usage over time, which may affect system performance and stability. To mitigate this issue, it's recommended to use the debugfs_lookup_and_remove() function, which incorporates the necessary cleanup logic, preventing memory leaks effectively.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 54166af8941d0cf46b65cfa2fbce76e38d82fadf

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 04fdfec7b0286972cb5457ef958c92585447a39f

References

https://git.kernel.org/stable/c/bb4d5eefb67095d7c3b70b084...

https://git.kernel.org/stable/c/54166af8941d0cf46b65cfa2f...

https://git.kernel.org/stable/c/04fdfec7b0286972cb5457ef9...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 18, 2025
Vulnerability Reserved
Sep 17, 2025