CVE-2023-53409

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2023-53409
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53409.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2023-53409
Downstream
Related
Published
2025-09-18T13:58:47.478Z
Modified
2026-02-25T09:15:35.591414264Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
drivers: base: component: fix memory leak with using debugfs_lookup()
Details

In the Linux kernel, the following vulnerability has been resolved:

drivers: base: component: fix memory leak with using debugfs_lookup()

When calling debugfslookup() the result must have dput() called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremove() instead which handles all of the logic at once.

Database specific 
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53409.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
c654cea59dbc352fceafddd44893f3523fdcc08e
Fixed
09709a49283f79184c998d6dafcc01590e4d654d
Fixed
79ac2b01e033181e21cc84216ace1f4160eb8950
Fixed
bf0fd01c7cc1061fb2cfda3e2044371642108e6c
Fixed
8deb87b1e810dd558371e88ffd44339fbef27870

Affected versions

v5.*
v5.12
v5.12-rc5
v5.12-rc6
v5.12-rc7
v5.12-rc8
v5.13
v5.13-rc1
v5.13-rc2
v5.13-rc3
v5.13-rc4
v5.13-rc5
v5.13-rc6
v5.13-rc7
v5.14
v5.14-rc1
v5.14-rc2
v5.14-rc3
v5.14-rc4
v5.14-rc5
v5.14-rc6
v5.14-rc7
v5.15
v5.15-rc1
v5.15-rc2
v5.15-rc3
v5.15-rc4
v5.15-rc5
v5.15-rc6
v5.15-rc7
v5.15.1
v5.15.10
v5.15.11
v5.15.12
v5.15.13
v5.15.14
v5.15.15
v5.15.16
v5.15.17
v5.15.18
v5.15.19
v5.15.2
v5.15.20
v5.15.21
v5.15.22
v5.15.23
v5.15.24
v5.15.25
v5.15.26
v5.15.27
v5.15.28
v5.15.29
v5.15.3
v5.15.30
v5.15.31
v5.15.32
v5.15.33
v5.15.34
v5.15.35
v5.15.36
v5.15.37
v5.15.38
v5.15.39
v5.15.4
v5.15.40
v5.15.41
v5.15.42
v5.15.43
v5.15.44
v5.15.45
v5.15.46
v5.15.47
v5.15.48
v5.15.49
v5.15.5
v5.15.50
v5.15.51
v5.15.52
v5.15.53
v5.15.54
v5.15.55
v5.15.56
v5.15.57
v5.15.58
v5.15.59
v5.15.6
v5.15.60
v5.15.61
v5.15.62
v5.15.63
v5.15.64
v5.15.65
v5.15.66
v5.15.67
v5.15.68
v5.15.69
v5.15.7
v5.15.70
v5.15.71
v5.15.72
v5.15.73
v5.15.74
v5.15.75
v5.15.76
v5.15.77
v5.15.78
v5.15.79
v5.15.8
v5.15.80
v5.15.81
v5.15.82
v5.15.83
v5.15.84
v5.15.85
v5.15.86
v5.15.87
v5.15.88
v5.15.89
v5.15.9
v5.15.90
v5.15.91
v5.15.92
v5.15.93
v5.15.94
v5.15.95
v5.15.96
v5.15.97
v5.15.98
v5.15.99
v5.16
v5.16-rc1
v5.16-rc2
v5.16-rc3
v5.16-rc4
v5.16-rc5
v5.16-rc6
v5.16-rc7
v5.16-rc8
v5.17
v5.17-rc1
v5.17-rc2
v5.17-rc3
v5.17-rc4
v5.17-rc5
v5.17-rc6
v5.17-rc7
v5.17-rc8
v5.18
v5.18-rc1
v5.18-rc2
v5.18-rc3
v5.18-rc4
v5.18-rc5
v5.18-rc6
v5.18-rc7
v5.19
v5.19-rc1
v5.19-rc2
v5.19-rc3
v5.19-rc4
v5.19-rc5
v5.19-rc6
v5.19-rc7
v5.19-rc8
v6.*
v6.0
v6.0-rc1
v6.0-rc2
v6.0-rc3
v6.0-rc4
v6.0-rc5
v6.0-rc6
v6.0-rc7
v6.1
v6.1-rc1
v6.1-rc2
v6.1-rc3
v6.1-rc4
v6.1-rc5
v6.1-rc6
v6.1-rc7
v6.1-rc8
v6.1.1
v6.1.10
v6.1.11
v6.1.12
v6.1.13
v6.1.14
v6.1.15
v6.1.16
v6.1.17
v6.1.2
v6.1.3
v6.1.4
v6.1.5
v6.1.6
v6.1.7
v6.1.8
v6.1.9
v6.2
v6.2-rc1
v6.2-rc2
v6.2-rc3
v6.2-rc4
v6.2-rc5
v6.2-rc6
v6.2-rc7
v6.2-rc8
v6.2.1
v6.2.2
v6.2.3
v6.2.4

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53409.json"
vanir_signatures 
[
    {
        "id": "CVE-2023-53409-000346b8",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@09709a49283f79184c998d6dafcc01590e4d654d",
        "target": {
            "file": "drivers/base/component.c",
            "function": "component_master_debugfs_del"
        },
        "digest": {
            "function_hash": "89534095357837766671337321977923189204",
            "length": 124.0
        },
        "signature_version": "v1",
        "deprecated": false,
        "signature_type": "Function"
    },
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@79ac2b01e033181e21cc84216ace1f4160eb8950",
        "id": "CVE-2023-53409-2adb134b",
        "target": {
            "file": "drivers/base/component.c",
            "function": "component_debugfs_del"
        },
        "digest": {
            "function_hash": "89534095357837766671337321977923189204",
            "length": 124.0
        },
        "signature_version": "v1",
        "deprecated": false,
        "signature_type": "Function"
    },
    {
        "id": "CVE-2023-53409-50097d68",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@8deb87b1e810dd558371e88ffd44339fbef27870",
        "target": {
            "file": "drivers/base/component.c"
        },
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "277000106875929722535561509265360606874",
                "159660961223527080063080592281665445769",
                "248103184549215051566960958356075330536",
                "51117778270741734553884223685790328354"
            ]
        },
        "signature_version": "v1",
        "deprecated": false,
        "signature_type": "Line"
    },
    {
        "id": "CVE-2023-53409-64ce8b9c",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@09709a49283f79184c998d6dafcc01590e4d654d",
        "target": {
            "file": "drivers/base/component.c"
        },
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "321107524983737456712105554786055113847",
                "78689724788985683564266723484792999562",
                "248103184549215051566960958356075330536",
                "209420614400876936211428551809435693836"
            ]
        },
        "signature_version": "v1",
        "deprecated": false,
        "signature_type": "Line"
    },
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@79ac2b01e033181e21cc84216ace1f4160eb8950",
        "id": "CVE-2023-53409-8058780e",
        "target": {
            "file": "drivers/base/component.c"
        },
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "277000106875929722535561509265360606874",
                "159660961223527080063080592281665445769",
                "248103184549215051566960958356075330536",
                "51117778270741734553884223685790328354"
            ]
        },
        "signature_version": "v1",
        "deprecated": false,
        "signature_type": "Line"
    },
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@bf0fd01c7cc1061fb2cfda3e2044371642108e6c",
        "id": "CVE-2023-53409-a79d1be8",
        "target": {
            "file": "drivers/base/component.c"
        },
        "signature_version": "v1",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "277000106875929722535561509265360606874",
                "159660961223527080063080592281665445769",
                "248103184549215051566960958356075330536",
                "51117778270741734553884223685790328354"
            ]
        },
        "deprecated": false,
        "signature_type": "Line"
    },
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@8deb87b1e810dd558371e88ffd44339fbef27870",
        "id": "CVE-2023-53409-b728b0ed",
        "target": {
            "file": "drivers/base/component.c",
            "function": "component_debugfs_del"
        },
        "signature_version": "v1",
        "digest": {
            "function_hash": "89534095357837766671337321977923189204",
            "length": 124.0
        },
        "deprecated": false,
        "signature_type": "Function"
    },
    {
        "id": "CVE-2023-53409-c1cfb650",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@bf0fd01c7cc1061fb2cfda3e2044371642108e6c",
        "target": {
            "file": "drivers/base/component.c",
            "function": "component_debugfs_del"
        },
        "digest": {
            "function_hash": "89534095357837766671337321977923189204",
            "length": 124.0
        },
        "signature_version": "v1",
        "deprecated": false,
        "signature_type": "Function"
    }
]

Git / github.com/gregkh/linux

Affected ranges

Type
GIT
Repo
https://github.com/gregkh/linux
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
d214f240b0f61480f9dbc4384cef03f6a55e5d03
Introduced
c9c3395d5e3dcc6daee66c6908354d47bf98cb0c
Fixed
f4282872cef2e98b3358ea7aa93a03125051fec1
Introduced
df0cc57e057f18e44dac8e6c18aba47ab53202f9
Fixed
1cc3fcf63192dfbf5ac13bc6134ae9120ebdcba6

Affected versions

v5.*
v5.16
v5.17
v5.17-rc1
v5.17-rc2
v5.17-rc3
v5.17-rc4
v5.17-rc5
v5.17-rc6
v5.17-rc7
v5.17-rc8
v5.18
v5.18-rc1
v5.18-rc2
v5.18-rc3
v5.18-rc4
v5.18-rc5
v5.18-rc6
v5.18-rc7
v5.19
v5.19-rc1
v5.19-rc2
v5.19-rc3
v5.19-rc4
v5.19-rc5
v5.19-rc6
v5.19-rc7
v5.19-rc8
v6.*
v6.0
v6.0-rc1
v6.0-rc2
v6.0-rc3
v6.0-rc4
v6.0-rc5
v6.0-rc6
v6.0-rc7
v6.1
v6.1-rc1
v6.1-rc2
v6.1-rc3
v6.1-rc4
v6.1-rc5
v6.1-rc6
v6.1-rc7
v6.1-rc8
v6.1.1
v6.1.10
v6.1.11
v6.1.12
v6.1.13
v6.1.14
v6.1.15
v6.1.16
v6.1.17
v6.1.2
v6.1.3
v6.1.4
v6.1.5
v6.1.6
v6.1.7
v6.1.8
v6.1.9
v6.2
v6.2.1
v6.2.2
v6.2.3
v6.2.4

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53409.json"