Memory Leak in Linux Kernel USB Gadget for lpc32xx_udc
CVE-2023-53418

5.5MEDIUM

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 18 September 2025

What is CVE-2023-53418?

A memory leak vulnerability exists in the Linux kernel USB gadget specifically for lpc32xx_udc. This issue arises when the debugfs_lookup() function is called without the accompanying dput() function, which should be invoked to prevent memory allocation issues. Over time, failure to address this can lead to increased memory usage and potential performance degradation. Developers are advised to use debugfs_lookup_and_remove() instead, as it incorporates necessary logic to manage memory correctly.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux e3d59eff47b8cc385acae9d7fb1c787857023376 < 036ada6ca9eea926abc0b0ef550b10488d66d4d8

Linux e3d59eff47b8cc385acae9d7fb1c787857023376 < 7a5fdd8660174a8056de57d1fdce3a7e9f77f60e

Linux e3d59eff47b8cc385acae9d7fb1c787857023376 < 72c25eb9ae4993ccac4821354ff34eb1f32e4781

References

https://git.kernel.org/stable/c/036ada6ca9eea926abc0b0ef5...

https://git.kernel.org/stable/c/7a5fdd8660174a8056de57d1f...

https://git.kernel.org/stable/c/72c25eb9ae4993ccac4821354...

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 18, 2025
Vulnerability Reserved
Sep 17, 2025

JSON

Linux

What is CVE-2023-53418?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.