DEBIAN-CVE-2023-53514
- Source
- https://security-tracker.debian.org/tracker/CVE-2023-53514
- Import Source
- https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2023-53514.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/DEBIAN-CVE-2023-53514
- Upstream
- Published
- 2025-10-01T12:15:55.447Z
- Modified
- 2026-03-11T07:35:07.554678Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved: gpu: host1x: Fix memory leak of device names The device names allocated by devsetname() need be freed before module unloading, but they can not be freed because the kobject's refcount which was set in deviceinitialize() has not be decreased to 0. As comment of deviceadd() says, if it fails, use only putdevice() drop the refcount, then the name will be freed in kobejctcleanup(). devicedel() and putdevice() can be replaced with deviceunregister(), so call it to unregister the added successfully devices, and just call putdevice() to the not added device. Add a release() function to device to avoid null release() function WARNING in devicerelease(), it's empty, because the context devices are freed together in host1xmemorycontextlist_free().
- References
Affected packages
Debian:12 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:13 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:14 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source