CVE-2023-53407

When calling debugfslookup() the result must have dput() called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremove() instead which handles all of the logic at once.

Database specific

{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53407.json"
}

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

8efd88f946017b69af67931a133b6dce92c27fd0

Fixed

8da78a60f3323ce7aac589d49fb82f71a04bc835

Fixed

b14d188d0d0b86e2180525aefd570dbb6ebd6aa9

Fixed

67c931a3f2f061bf457995fd21fff114325e0c30

Fixed

7a6952fa0366d4408eb8695af1a0578c39ec718a

Affected versions

v5.*

v5.13

v5.13-rc3

v5.13-rc4

v5.13-rc5

v5.13-rc6

v5.13-rc7

v5.14

v5.14-rc1

v5.14-rc2

v5.14-rc3

v5.14-rc4

v5.14-rc5

v5.14-rc6

v5.14-rc7

v5.15

v5.15-rc1

v5.15-rc2

v5.15-rc3

v5.15-rc4

v5.15-rc5

v5.15-rc6

v5.15-rc7

v5.15.1

v5.15.10

v5.15.11

v5.15.12

v5.15.13

v5.15.14

v5.15.15

v5.15.16

v5.15.17

v5.15.18

v5.15.19

v5.15.2

v5.15.20

v5.15.21

v5.15.22

v5.15.23

v5.15.24

v5.15.25

v5.15.26

v5.15.27

v5.15.28

v5.15.29

v5.15.3

v5.15.30

v5.15.31

v5.15.32

v5.15.33

v5.15.34

v5.15.35

v5.15.36

v5.15.37

v5.15.38

v5.15.39

v5.15.4

v5.15.40

v5.15.41

v5.15.42

v5.15.43

v5.15.44

v5.15.45

v5.15.46

v5.15.47

v5.15.48

v5.15.49

v5.15.5

v5.15.50

v5.15.51

v5.15.52

v5.15.53

v5.15.54

v5.15.55

v5.15.56

v5.15.57

v5.15.58

v5.15.59

v5.15.6

v5.15.60

v5.15.61

v5.15.62

v5.15.63

v5.15.64

v5.15.65

v5.15.66

v5.15.67

v5.15.68

v5.15.69

v5.15.7

v5.15.70

v5.15.71

v5.15.72

v5.15.73

v5.15.74

v5.15.75

v5.15.76

v5.15.77

v5.15.78

v5.15.79

v5.15.8

v5.15.80

v5.15.81

v5.15.82

v5.15.83

v5.15.84

v5.15.85

v5.15.86

v5.15.87

v5.15.88

v5.15.89

v5.15.9

v5.15.90

v5.15.91

v5.15.92

v5.15.93

v5.15.94

v5.15.95

v5.15.96

v5.15.97

v5.15.98

v5.15.99

v5.16

v5.16-rc1

v5.16-rc2

v5.16-rc3

v5.16-rc4

v5.16-rc5

v5.16-rc6

v5.16-rc7

v5.16-rc8

v5.17

v5.17-rc1

v5.17-rc2

v5.17-rc3

v5.17-rc4

v5.17-rc5

v5.17-rc6

v5.17-rc7

v5.17-rc8

v5.18

v5.18-rc1

v5.18-rc2

v5.18-rc3

v5.18-rc4

v5.18-rc5

v5.18-rc6

v5.18-rc7

v5.19

v5.19-rc1

v5.19-rc2

v5.19-rc3

v5.19-rc4

v5.19-rc5

v5.19-rc6

v5.19-rc7

v5.19-rc8

v6.*

v6.0

v6.0-rc1

v6.0-rc2

v6.0-rc3

v6.0-rc4

v6.0-rc5

v6.0-rc6

v6.0-rc7

v6.1

v6.1-rc1

v6.1-rc2

v6.1-rc3

v6.1-rc4

v6.1-rc5

v6.1-rc6

v6.1-rc7

v6.1-rc8

v6.1.1

v6.1.10

v6.1.11

v6.1.12

v6.1.13

v6.1.14

v6.1.15

v6.1.16

v6.1.17

v6.1.2

v6.1.3

v6.1.4

v6.1.5

v6.1.6

v6.1.7

v6.1.8

v6.1.9

v6.2

v6.2-rc1

v6.2-rc2

v6.2-rc3

v6.2-rc4

v6.2-rc5

v6.2-rc6

v6.2-rc7

v6.2-rc8

v6.2.1

v6.2.2

v6.2.3

v6.2.4

Database specific

vanir_signatures

[
    {
        "id": "CVE-2023-53407-0927939a",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b14d188d0d0b86e2180525aefd570dbb6ebd6aa9",
        "signature_version": "v1",
        "deprecated": false,
        "signature_type": "Line",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "291803726016689761779087457453789085554",
                "222019830566965048687461820654212079452",
                "89583829759325564754933041404564262852",
                "209782206226569480862146402791521879488"
            ]
        },
        "target": {
            "file": "drivers/usb/gadget/udc/pxa27x_udc.c"
        }
    },
    {
        "id": "CVE-2023-53407-1ac41440",
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@67c931a3f2f061bf457995fd21fff114325e0c30",
        "deprecated": false,
        "signature_type": "Line",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "291803726016689761779087457453789085554",
                "222019830566965048687461820654212079452",
                "89583829759325564754933041404564262852",
                "209782206226569480862146402791521879488"
            ]
        },
        "target": {
            "file": "drivers/usb/gadget/udc/pxa27x_udc.c"
        }
    },
    {
        "id": "CVE-2023-53407-496cea07",
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@7a6952fa0366d4408eb8695af1a0578c39ec718a",
        "deprecated": false,
        "signature_type": "Line",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "291803726016689761779087457453789085554",
                "222019830566965048687461820654212079452",
                "89583829759325564754933041404564262852",
                "209782206226569480862146402791521879488"
            ]
        },
        "target": {
            "file": "drivers/usb/gadget/udc/pxa27x_udc.c"
        }
    },
    {
        "id": "CVE-2023-53407-503db649",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@67c931a3f2f061bf457995fd21fff114325e0c30",
        "signature_version": "v1",
        "deprecated": false,
        "signature_type": "Function",
        "digest": {
            "function_hash": "134479199620655524627175078076962049347",
            "length": 111.0
        },
        "target": {
            "function": "pxa_cleanup_debugfs",
            "file": "drivers/usb/gadget/udc/pxa27x_udc.c"
        }
    },
    {
        "id": "CVE-2023-53407-644a065a",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@8da78a60f3323ce7aac589d49fb82f71a04bc835",
        "signature_version": "v1",
        "deprecated": false,
        "signature_type": "Function",
        "digest": {
            "function_hash": "134479199620655524627175078076962049347",
            "length": 111.0
        },
        "target": {
            "function": "pxa_cleanup_debugfs",
            "file": "drivers/usb/gadget/udc/pxa27x_udc.c"
        }
    },
    {
        "id": "CVE-2023-53407-6c3b4a67",
        "signature_version": "v1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@8da78a60f3323ce7aac589d49fb82f71a04bc835",
        "deprecated": false,
        "signature_type": "Line",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "291803726016689761779087457453789085554",
                "222019830566965048687461820654212079452",
                "89583829759325564754933041404564262852",
                "209782206226569480862146402791521879488"
            ]
        },
        "target": {
            "file": "drivers/usb/gadget/udc/pxa27x_udc.c"
        }
    },
    {
        "id": "CVE-2023-53407-84fc30d1",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b14d188d0d0b86e2180525aefd570dbb6ebd6aa9",
        "signature_version": "v1",
        "deprecated": false,
        "signature_type": "Function",
        "digest": {
            "function_hash": "134479199620655524627175078076962049347",
            "length": 111.0
        },
        "target": {
            "function": "pxa_cleanup_debugfs",
            "file": "drivers/usb/gadget/udc/pxa27x_udc.c"
        }
    },
    {
        "id": "CVE-2023-53407-e1cd57dc",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@7a6952fa0366d4408eb8695af1a0578c39ec718a",
        "signature_version": "v1",
        "deprecated": false,
        "signature_type": "Function",
        "digest": {
            "function_hash": "134479199620655524627175078076962049347",
            "length": 111.0
        },
        "target": {
            "function": "pxa_cleanup_debugfs",
            "file": "drivers/usb/gadget/udc/pxa27x_udc.c"
        }
    }
]

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53407.json"

Git / github.com/gregkh/linux