Memory Leak Issue in Linux Kernel's Thunderbolt Technology
CVE-2023-53527

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 1 October 2025

What is CVE-2023-53527?

A memory leak vulnerability exists in the Linux kernel's Thunderbolt subsystem, specifically within the tb_handle_dp_bandwidth_request function. This issue occurs when memory allocated in tb_queue_dp_bandwidth_request is not released after handling the request. If left unaddressed, this vulnerability could lead to increased memory usage, potentially impacting system performance and stability.

Affected Version(s)

Linux 6ce3563520be90a155706bafc186fc264a13850e < 0752bb32aed2c5dd85821195a507a1079c4835f7

Linux 6ce3563520be90a155706bafc186fc264a13850e < 596a5123cc782d458b057eb3837e66535cd0befa

Linux 6.3

References

https://git.kernel.org/stable/c/0752bb32aed2c5dd85821195a...

https://git.kernel.org/stable/c/596a5123cc782d458b057eb38...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 1, 2025
Vulnerability Reserved
Oct 1, 2025

JSON