CVE-2023-53418

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2023-53418
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53418.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2023-53418
Downstream
Related
Published
2025-09-18T13:58:54.007Z
Modified
2026-02-26T23:59:07.054799Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
USB: gadget: lpc32xx_udc: fix memory leak with using debugfs_lookup()
Details

In the Linux kernel, the following vulnerability has been resolved:

USB: gadget: lpc32xxudc: fix memory leak with using debugfslookup()

When calling debugfslookup() the result must have dput() called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremove() instead which handles all of the logic at once.

Database specific 
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53418.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
e3d59eff47b8cc385acae9d7fb1c787857023376
Fixed
036ada6ca9eea926abc0b0ef550b10488d66d4d8
Fixed
7a5fdd8660174a8056de57d1fdce3a7e9f77f60e
Fixed
72c25eb9ae4993ccac4821354ff34eb1f32e4781
Fixed
e3965acaf3739fde9d74ad82979b46d37c6c208f

Affected versions

v5.*
v5.13
v5.13-rc3
v5.13-rc4
v5.13-rc5
v5.13-rc6
v5.13-rc7
v5.14
v5.14-rc1
v5.14-rc2
v5.14-rc3
v5.14-rc4
v5.14-rc5
v5.14-rc6
v5.14-rc7
v5.15
v5.15-rc1
v5.15-rc2
v5.15-rc3
v5.15-rc4
v5.15-rc5
v5.15-rc6
v5.15-rc7
v5.15.1
v5.15.10
v5.15.11
v5.15.12
v5.15.13
v5.15.14
v5.15.15
v5.15.16
v5.15.17
v5.15.18
v5.15.19
v5.15.2
v5.15.20
v5.15.21
v5.15.22
v5.15.23
v5.15.24
v5.15.25
v5.15.26
v5.15.27
v5.15.28
v5.15.29
v5.15.3
v5.15.30
v5.15.31
v5.15.32
v5.15.33
v5.15.34
v5.15.35
v5.15.36
v5.15.37
v5.15.38
v5.15.39
v5.15.4
v5.15.40
v5.15.41
v5.15.42
v5.15.43
v5.15.44
v5.15.45
v5.15.46
v5.15.47
v5.15.48
v5.15.49
v5.15.5
v5.15.50
v5.15.51
v5.15.52
v5.15.53
v5.15.54
v5.15.55
v5.15.56
v5.15.57
v5.15.58
v5.15.59
v5.15.6
v5.15.60
v5.15.61
v5.15.62
v5.15.63
v5.15.64
v5.15.65
v5.15.66
v5.15.67
v5.15.68
v5.15.69
v5.15.7
v5.15.70
v5.15.71
v5.15.72
v5.15.73
v5.15.74
v5.15.75
v5.15.76
v5.15.77
v5.15.78
v5.15.79
v5.15.8
v5.15.80
v5.15.81
v5.15.82
v5.15.83
v5.15.84
v5.15.85
v5.15.86
v5.15.87
v5.15.88
v5.15.89
v5.15.9
v5.15.90
v5.15.91
v5.15.92
v5.15.93
v5.15.94
v5.15.95
v5.15.96
v5.15.97
v5.15.98
v5.15.99
v5.16
v5.16-rc1
v5.16-rc2
v5.16-rc3
v5.16-rc4
v5.16-rc5
v5.16-rc6
v5.16-rc7
v5.16-rc8
v5.17
v5.17-rc1
v5.17-rc2
v5.17-rc3
v5.17-rc4
v5.17-rc5
v5.17-rc6
v5.17-rc7
v5.17-rc8
v5.18
v5.18-rc1
v5.18-rc2
v5.18-rc3
v5.18-rc4
v5.18-rc5
v5.18-rc6
v5.18-rc7
v5.19
v5.19-rc1
v5.19-rc2
v5.19-rc3
v5.19-rc4
v5.19-rc5
v5.19-rc6
v5.19-rc7
v5.19-rc8
v6.*
v6.0
v6.0-rc1
v6.0-rc2
v6.0-rc3
v6.0-rc4
v6.0-rc5
v6.0-rc6
v6.0-rc7
v6.1
v6.1-rc1
v6.1-rc2
v6.1-rc3
v6.1-rc4
v6.1-rc5
v6.1-rc6
v6.1-rc7
v6.1-rc8
v6.1.1
v6.1.10
v6.1.11
v6.1.12
v6.1.13
v6.1.14
v6.1.15
v6.1.16
v6.1.17
v6.1.2
v6.1.3
v6.1.4
v6.1.5
v6.1.6
v6.1.7
v6.1.8
v6.1.9
v6.2
v6.2-rc1
v6.2-rc2
v6.2-rc3
v6.2-rc4
v6.2-rc5
v6.2-rc6
v6.2-rc7
v6.2-rc8
v6.2.1
v6.2.2
v6.2.3
v6.2.4

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53418.json"
vanir_signatures 
[
    {
        "id": "CVE-2023-53418-0697d03a",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@036ada6ca9eea926abc0b0ef550b10488d66d4d8",
        "target": {
            "file": "drivers/usb/gadget/udc/lpc32xx_udc.c"
        },
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "188504994327010116973524447240646593557",
                "254976968088487951043418488716207870839",
                "312412515447658948175395313693277030390",
                "158886148468065705023628856405531486212"
            ]
        },
        "signature_version": "v1",
        "deprecated": false,
        "signature_type": "Line"
    },
    {
        "id": "CVE-2023-53418-4fcc9f3b",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@7a5fdd8660174a8056de57d1fdce3a7e9f77f60e",
        "target": {
            "file": "drivers/usb/gadget/udc/lpc32xx_udc.c",
            "function": "remove_debug_file"
        },
        "digest": {
            "function_hash": "195224376593450456098485092178047594084",
            "length": 93.0
        },
        "signature_version": "v1",
        "deprecated": false,
        "signature_type": "Function"
    },
    {
        "id": "CVE-2023-53418-729f3074",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e3965acaf3739fde9d74ad82979b46d37c6c208f",
        "target": {
            "file": "drivers/usb/gadget/udc/lpc32xx_udc.c"
        },
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "188504994327010116973524447240646593557",
                "254976968088487951043418488716207870839",
                "312412515447658948175395313693277030390",
                "158886148468065705023628856405531486212"
            ]
        },
        "signature_version": "v1",
        "deprecated": false,
        "signature_type": "Line"
    },
    {
        "id": "CVE-2023-53418-971946bf",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@036ada6ca9eea926abc0b0ef550b10488d66d4d8",
        "target": {
            "file": "drivers/usb/gadget/udc/lpc32xx_udc.c",
            "function": "remove_debug_file"
        },
        "digest": {
            "function_hash": "195224376593450456098485092178047594084",
            "length": 93.0
        },
        "signature_version": "v1",
        "deprecated": false,
        "signature_type": "Function"
    },
    {
        "id": "CVE-2023-53418-bf973144",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@72c25eb9ae4993ccac4821354ff34eb1f32e4781",
        "target": {
            "file": "drivers/usb/gadget/udc/lpc32xx_udc.c"
        },
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "188504994327010116973524447240646593557",
                "254976968088487951043418488716207870839",
                "312412515447658948175395313693277030390",
                "158886148468065705023628856405531486212"
            ]
        },
        "signature_version": "v1",
        "deprecated": false,
        "signature_type": "Line"
    },
    {
        "id": "CVE-2023-53418-c2e5b7bd",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@7a5fdd8660174a8056de57d1fdce3a7e9f77f60e",
        "target": {
            "file": "drivers/usb/gadget/udc/lpc32xx_udc.c"
        },
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "188504994327010116973524447240646593557",
                "254976968088487951043418488716207870839",
                "312412515447658948175395313693277030390",
                "158886148468065705023628856405531486212"
            ]
        },
        "signature_version": "v1",
        "deprecated": false,
        "signature_type": "Line"
    },
    {
        "id": "CVE-2023-53418-d376eef3",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@72c25eb9ae4993ccac4821354ff34eb1f32e4781",
        "target": {
            "file": "drivers/usb/gadget/udc/lpc32xx_udc.c",
            "function": "remove_debug_file"
        },
        "digest": {
            "function_hash": "195224376593450456098485092178047594084",
            "length": 93.0
        },
        "signature_version": "v1",
        "deprecated": false,
        "signature_type": "Function"
    },
    {
        "id": "CVE-2023-53418-ea162052",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e3965acaf3739fde9d74ad82979b46d37c6c208f",
        "target": {
            "file": "drivers/usb/gadget/udc/lpc32xx_udc.c",
            "function": "remove_debug_file"
        },
        "digest": {
            "function_hash": "195224376593450456098485092178047594084",
            "length": 93.0
        },
        "signature_version": "v1",
        "deprecated": false,
        "signature_type": "Function"
    }
]

Git / github.com/gregkh/linux

Affected ranges

Type
GIT
Repo
https://github.com/gregkh/linux
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
d214f240b0f61480f9dbc4384cef03f6a55e5d03
Introduced
c9c3395d5e3dcc6daee66c6908354d47bf98cb0c
Fixed
f4282872cef2e98b3358ea7aa93a03125051fec1
Introduced
df0cc57e057f18e44dac8e6c18aba47ab53202f9
Fixed
1cc3fcf63192dfbf5ac13bc6134ae9120ebdcba6

Affected versions

v5.*
v5.16
v5.17
v5.17-rc1
v5.17-rc2
v5.17-rc3
v5.17-rc4
v5.17-rc5
v5.17-rc6
v5.17-rc7
v5.17-rc8
v5.18
v5.18-rc1
v5.18-rc2
v5.18-rc3
v5.18-rc4
v5.18-rc5
v5.18-rc6
v5.18-rc7
v5.19
v5.19-rc1
v5.19-rc2
v5.19-rc3
v5.19-rc4
v5.19-rc5
v5.19-rc6
v5.19-rc7
v5.19-rc8
v6.*
v6.0
v6.0-rc1
v6.0-rc2
v6.0-rc3
v6.0-rc4
v6.0-rc5
v6.0-rc6
v6.0-rc7
v6.1
v6.1-rc1
v6.1-rc2
v6.1-rc3
v6.1-rc4
v6.1-rc5
v6.1-rc6
v6.1-rc7
v6.1-rc8
v6.1.1
v6.1.10
v6.1.11
v6.1.12
v6.1.13
v6.1.14
v6.1.15
v6.1.16
v6.1.17
v6.1.2
v6.1.3
v6.1.4
v6.1.5
v6.1.6
v6.1.7
v6.1.8
v6.1.9
v6.2
v6.2.1
v6.2.2
v6.2.3
v6.2.4

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53418.json"