Memory Leak in Linux Kernel's TCP/UDP Modules Affecting Multiple Versions
CVE-2023-53489

Currently unrated

Key Information:

Vendor: Linux

Status
Vendor
CVE Published: 1 October 2025

What is CVE-2023-53489?

The Linux kernel contains a vulnerability that causes memory leaks in the TCP and UDP modules. The leak occurs when messages are sent with zero-copy socket buffers: references to the socket buffers are not released appropriately, leading to unreferenced memory objects. When a socket configured with timestamp options and zero copy is closed, certain memory references remain unfreed, creating a circular dependency that prevents effective cleanup. These conditions can result in significant resource consumption, impacting system stability and performance.

Affected Version(s)

Linux f214f915e7db99091f1312c48b30928c1e0c90b7 < 281072fb2a7294cde7acbf5375b879f40a8001b7

Linux f214f915e7db99091f1312c48b30928c1e0c90b7 < 1f69c086b20e27763af28145981435423f088268

Linux f214f915e7db99091f1312c48b30928c1e0c90b7 < 602fa8af44fd55a58f9e94eb673e8adad2c6cc46
