Memory Leak Vulnerability in Linux Kernel Affecting Devices
CVE-2023-53674

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 7 October 2025

What is CVE-2023-53674?

A memory leak was identified in the Linux kernel due to a failure in properly registering the devres resource allocated by devm_clk_notifier_register(). This issue arises when the clk notifier is not unregistered upon device detachment, leading to unfreed resources. The problem was discovered through kmemleak analysis on Chromebook devices. Proper resource management measures are essential to prevent such leaks, and a fix has been implemented to ensure the notifier's registration through devres_add().

Affected Version(s)

Linux 6d30d50d037dfa092f9d5d1fffa348ab4abb7163

Linux 6d30d50d037dfa092f9d5d1fffa348ab4abb7163 < 49451db71b746df990888068961f1033f7c9b734

Linux 6d30d50d037dfa092f9d5d1fffa348ab4abb7163

References

https://git.kernel.org/stable/c/a326cf0107b197e649bbaa2a2...

https://git.kernel.org/stable/c/49451db71b746df9908880689...

https://git.kernel.org/stable/c/cb1b04fd4283fc8f9acefe0dd...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 7, 2025
Vulnerability Reserved
Oct 7, 2025

JSON