CVE-2023-53514

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2023-53514
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53514.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2023-53514
Downstream
Published
2025-10-01T11:46:02.393Z
Modified
2026-03-09T23:55:20.367700Z
Summary
gpu: host1x: Fix memory leak of device names
Details

In the Linux kernel, the following vulnerability has been resolved:

gpu: host1x: Fix memory leak of device names

The device names allocated by devsetname() need be freed before module unloading, but they can not be freed because the kobject's refcount which was set in device_initialize() has not be decreased to 0.

As comment of deviceadd() says, if it fails, use only putdevice() drop the refcount, then the name will be freed in kobejct_cleanup().

devicedel() and putdevice() can be replaced with deviceunregister(), so call it to unregister the added successfully devices, and just call putdevice() to the not added device.

Add a release() function to device to avoid null release() function WARNING in devicerelease(), it's empty, because the context devices are freed together in host1xmemorycontextlist_free().

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53514.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
8aa5bcb61612060429223d1fbb7a1c30a579fc1f
Fixed
958c6cbc32996c375af42db96ceba021a1959899
Fixed
dba1aeaaf3d0e2f996cb0a5609e5e85ecf405a5c
Fixed
3ab0f5ddb761270b11d8c90b8550a59666cfc9bb
Fixed
55879dad0f3ae8468444b42f785ad79eac05fe5b

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53514.json"