CVE-2023-53405

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2023-53405
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53405.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2023-53405
Downstream
Related
Published
2025-09-18T13:58:44.401Z
Modified
2026-02-25T09:15:35.591590448Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
USB: gadget: gr_udc: fix memory leak with using debugfs_lookup()
Details

In the Linux kernel, the following vulnerability has been resolved:

USB: gadget: grudc: fix memory leak with using debugfslookup()

When calling debugfslookup() the result must have dput() called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremove() instead which handles all of the logic at once.

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53405.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
425de3182c91b467f1fc8a0de841d74d866719ca
Fixed
30f9ba2396a1130eef7f2d3ee7ee8037b7c25be9
Fixed
be21a66e17ee0ab5f3513b6c86659e60cec5e981
Fixed
0933eca15f5223b5c2412080c8c3de8758465c78
Fixed
73f4451368663ad28daa67980c6dd11d83b303eb

Affected versions

v5.*
v5.13
v5.13-rc5
v5.13-rc6
v5.13-rc7
v5.14
v5.14-rc1
v5.14-rc2
v5.14-rc3
v5.14-rc4
v5.14-rc5
v5.14-rc6
v5.14-rc7
v5.15
v5.15-rc1
v5.15-rc2
v5.15-rc3
v5.15-rc4
v5.15-rc5
v5.15-rc6
v5.15-rc7
v5.15.1
v5.15.10
v5.15.11
v5.15.12
v5.15.13
v5.15.14
v5.15.15
v5.15.16
v5.15.17
v5.15.18
v5.15.19
v5.15.2
v5.15.20
v5.15.21
v5.15.22
v5.15.23
v5.15.24
v5.15.25
v5.15.26
v5.15.27
v5.15.28
v5.15.29
v5.15.3
v5.15.30
v5.15.31
v5.15.32
v5.15.33
v5.15.34
v5.15.35
v5.15.36
v5.15.37
v5.15.38
v5.15.39
v5.15.4
v5.15.40
v5.15.41
v5.15.42
v5.15.43
v5.15.44
v5.15.45
v5.15.46
v5.15.47
v5.15.48
v5.15.49
v5.15.5
v5.15.50
v5.15.51
v5.15.52
v5.15.53
v5.15.54
v5.15.55
v5.15.56
v5.15.57
v5.15.58
v5.15.59
v5.15.6
v5.15.60
v5.15.61
v5.15.62
v5.15.63
v5.15.64
v5.15.65
v5.15.66
v5.15.67
v5.15.68
v5.15.69
v5.15.7
v5.15.70
v5.15.71
v5.15.72
v5.15.73
v5.15.74
v5.15.75
v5.15.76
v5.15.77
v5.15.78
v5.15.79
v5.15.8
v5.15.80
v5.15.81
v5.15.82
v5.15.83
v5.15.84
v5.15.85
v5.15.86
v5.15.87
v5.15.88
v5.15.89
v5.15.9
v5.15.90
v5.15.91
v5.15.92
v5.15.93
v5.15.94
v5.15.95
v5.15.96
v5.15.97
v5.15.98
v5.15.99
v5.16
v5.16-rc1
v5.16-rc2
v5.16-rc3
v5.16-rc4
v5.16-rc5
v5.16-rc6
v5.16-rc7
v5.16-rc8
v5.17
v5.17-rc1
v5.17-rc2
v5.17-rc3
v5.17-rc4
v5.17-rc5
v5.17-rc6
v5.17-rc7
v5.17-rc8
v5.18
v5.18-rc1
v5.18-rc2
v5.18-rc3
v5.18-rc4
v5.18-rc5
v5.18-rc6
v5.18-rc7
v5.19
v5.19-rc1
v5.19-rc2
v5.19-rc3
v5.19-rc4
v5.19-rc5
v5.19-rc6
v5.19-rc7
v5.19-rc8
v6.*
v6.0
v6.0-rc1
v6.0-rc2
v6.0-rc3
v6.0-rc4
v6.0-rc5
v6.0-rc6
v6.0-rc7
v6.1
v6.1-rc1
v6.1-rc2
v6.1-rc3
v6.1-rc4
v6.1-rc5
v6.1-rc6
v6.1-rc7
v6.1-rc8
v6.1.1
v6.1.10
v6.1.11
v6.1.12
v6.1.13
v6.1.14
v6.1.15
v6.1.16
v6.1.17
v6.1.2
v6.1.3
v6.1.4
v6.1.5
v6.1.6
v6.1.7
v6.1.8
v6.1.9
v6.2
v6.2-rc1
v6.2-rc2
v6.2-rc3
v6.2-rc4
v6.2-rc5
v6.2-rc6
v6.2-rc7
v6.2-rc8
v6.2.1
v6.2.2
v6.2.3
v6.2.4

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53405.json"
vanir_signatures 
[
    {
        "signature_version": "v1",
        "digest": {
            "line_hashes": [
                "24461082162479890243538441289922536117",
                "22101981693047202103672336551982149723",
                "257281038259133179840539713944009698109",
                "286129987294995525223949861527548486072"
            ],
            "threshold": 0.9
        },
        "signature_type": "Line",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@be21a66e17ee0ab5f3513b6c86659e60cec5e981",
        "deprecated": false,
        "id": "CVE-2023-53405-133dd958",
        "target": {
            "file": "drivers/usb/gadget/udc/gr_udc.c"
        }
    },
    {
        "signature_version": "v1",
        "digest": {
            "line_hashes": [
                "24461082162479890243538441289922536117",
                "22101981693047202103672336551982149723",
                "257281038259133179840539713944009698109",
                "286129987294995525223949861527548486072"
            ],
            "threshold": 0.9
        },
        "target": {
            "file": "drivers/usb/gadget/udc/gr_udc.c"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@0933eca15f5223b5c2412080c8c3de8758465c78",
        "deprecated": false,
        "id": "CVE-2023-53405-277e1251",
        "signature_type": "Line"
    },
    {
        "signature_type": "Function",
        "target": {
            "function": "gr_dfs_delete",
            "file": "drivers/usb/gadget/udc/gr_udc.c"
        },
        "digest": {
            "function_hash": "217380774563782995306513903503366323902",
            "length": 116.0
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@0933eca15f5223b5c2412080c8c3de8758465c78",
        "deprecated": false,
        "id": "CVE-2023-53405-3d1d09e4",
        "signature_version": "v1"
    },
    {
        "signature_version": "v1",
        "digest": {
            "line_hashes": [
                "24461082162479890243538441289922536117",
                "22101981693047202103672336551982149723",
                "257281038259133179840539713944009698109",
                "286129987294995525223949861527548486072"
            ],
            "threshold": 0.9
        },
        "signature_type": "Line",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@30f9ba2396a1130eef7f2d3ee7ee8037b7c25be9",
        "deprecated": false,
        "id": "CVE-2023-53405-4c7a52ca",
        "target": {
            "file": "drivers/usb/gadget/udc/gr_udc.c"
        }
    },
    {
        "signature_version": "v1",
        "digest": {
            "line_hashes": [
                "24461082162479890243538441289922536117",
                "22101981693047202103672336551982149723",
                "257281038259133179840539713944009698109",
                "286129987294995525223949861527548486072"
            ],
            "threshold": 0.9
        },
        "signature_type": "Line",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@73f4451368663ad28daa67980c6dd11d83b303eb",
        "deprecated": false,
        "id": "CVE-2023-53405-69d2193e",
        "target": {
            "file": "drivers/usb/gadget/udc/gr_udc.c"
        }
    },
    {
        "signature_type": "Function",
        "signature_version": "v1",
        "target": {
            "function": "gr_dfs_delete",
            "file": "drivers/usb/gadget/udc/gr_udc.c"
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@73f4451368663ad28daa67980c6dd11d83b303eb",
        "deprecated": false,
        "id": "CVE-2023-53405-705f7e77",
        "digest": {
            "length": 116.0,
            "function_hash": "217380774563782995306513903503366323902"
        }
    },
    {
        "signature_type": "Function",
        "target": {
            "function": "gr_dfs_delete",
            "file": "drivers/usb/gadget/udc/gr_udc.c"
        },
        "digest": {
            "function_hash": "217380774563782995306513903503366323902",
            "length": 116.0
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@30f9ba2396a1130eef7f2d3ee7ee8037b7c25be9",
        "deprecated": false,
        "id": "CVE-2023-53405-be0e29d1",
        "signature_version": "v1"
    },
    {
        "signature_type": "Function",
        "target": {
            "function": "gr_dfs_delete",
            "file": "drivers/usb/gadget/udc/gr_udc.c"
        },
        "digest": {
            "function_hash": "217380774563782995306513903503366323902",
            "length": 116.0
        },
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@be21a66e17ee0ab5f3513b6c86659e60cec5e981",
        "deprecated": false,
        "id": "CVE-2023-53405-efddeb34",
        "signature_version": "v1"
    }
]

Git / github.com/gregkh/linux

Affected ranges

Type
GIT
Repo
https://github.com/gregkh/linux
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
d214f240b0f61480f9dbc4384cef03f6a55e5d03
Introduced
c9c3395d5e3dcc6daee66c6908354d47bf98cb0c
Fixed
f4282872cef2e98b3358ea7aa93a03125051fec1
Introduced
df0cc57e057f18e44dac8e6c18aba47ab53202f9
Fixed
1cc3fcf63192dfbf5ac13bc6134ae9120ebdcba6

Affected versions

v5.*
v5.16
v5.17
v5.17-rc1
v5.17-rc2
v5.17-rc3
v5.17-rc4
v5.17-rc5
v5.17-rc6
v5.17-rc7
v5.17-rc8
v5.18
v5.18-rc1
v5.18-rc2
v5.18-rc3
v5.18-rc4
v5.18-rc5
v5.18-rc6
v5.18-rc7
v5.19
v5.19-rc1
v5.19-rc2
v5.19-rc3
v5.19-rc4
v5.19-rc5
v5.19-rc6
v5.19-rc7
v5.19-rc8
v6.*
v6.0
v6.0-rc1
v6.0-rc2
v6.0-rc3
v6.0-rc4
v6.0-rc5
v6.0-rc6
v6.0-rc7
v6.1
v6.1-rc1
v6.1-rc2
v6.1-rc3
v6.1-rc4
v6.1-rc5
v6.1-rc6
v6.1-rc7
v6.1-rc8
v6.1.1
v6.1.10
v6.1.11
v6.1.12
v6.1.13
v6.1.14
v6.1.15
v6.1.16
v6.1.17
v6.1.2
v6.1.3
v6.1.4
v6.1.5
v6.1.6
v6.1.7
v6.1.8
v6.1.9
v6.2
v6.2.1
v6.2.2
v6.2.3
v6.2.4

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53405.json"