CVE-2023-53518 - Vulnerability Details

In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: Fix leak in devfreq_dev_release() srcu_init_notifier_head() allocates resources that need to be released with a srcu_cleanup_notifier_head() call. Reported by kmemleak.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel

No data.

References

Link	Providers
https://git.kernel.org/stable/c/111bafa210ae546bee7644be730c42df9c35b66e
https://git.kernel.org/stable/c/1640e9c72173911ad0fddb05012c01eafe082c4e
https://git.kernel.org/stable/c/29811f4b8255d4238cf326f3bb7129784766beab
https://git.kernel.org/stable/c/3354c401c68d70567d1ef25d12f4e22a7813a3c6
https://git.kernel.org/stable/c/5693d077595de721f9ddbf9d37f40e5409707dfe
https://git.kernel.org/stable/c/64e6e0dc2d578c0a9e31cb4edd719f0a3ed98f6d
https://git.kernel.org/stable/c/7462483446cb9986568ad7adae746ce5f18d2968
https://git.kernel.org/stable/c/8918025feb2f5f7c73f2495c158f22997e25cb02
https://git.kernel.org/stable/c/ab192e5e5d3b48415909a8408acfd007a607bcc0
https://lore.kernel.org/linux-cve-announce/2025100132-CVE-2023-53518-64e1@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2023-53518
https://www.cve.org/CVERecord?id=CVE-2023-53518

History

Thu, 02 Oct 2025 12:15:00 +0000

Type	Values Removed	Values Added
References		https://lore.kernel.org/linux-cve-announce/2025100132-CVE-2023-53518-64e1@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2023-53518 https://www.cve.org/CVERecord?id=CVE-2023-53518
Metrics	threat_severity `None`	cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}` threat_severity `Low`

Thu, 02 Oct 2025 09:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Linux Linux linux Kernel
Vendors & Products		Linux Linux linux Kernel

Wed, 01 Oct 2025 12:00:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: Fix leak in devfreq_dev_release() srcu_init_notifier_head() allocates resources that need to be released with a srcu_cleanup_notifier_head() call. Reported by kmemleak.
Title		PM / devfreq: Fix leak in devfreq_dev_release()
References		https://git.kernel.org/stable/c/111bafa210ae546bee7644be730c42df9c35b66e https://git.kernel.org/stable/c/1640e9c72173911ad0fddb05012c01eafe082c4e https://git.kernel.org/stable/c/29811f4b8255d4238cf326f3bb7129784766beab https://git.kernel.org/stable/c/3354c401c68d70567d1ef25d12f4e22a7813a3c6 https://git.kernel.org/stable/c/5693d077595de721f9ddbf9d37f40e5409707dfe https://git.kernel.org/stable/c/64e6e0dc2d578c0a9e31cb4edd719f0a3ed98f6d https://git.kernel.org/stable/c/7462483446cb9986568ad7adae746ce5f18d2968 https://git.kernel.org/stable/c/8918025feb2f5f7c73f2495c158f22997e25cb02 https://git.kernel.org/stable/c/ab192e5e5d3b48415909a8408acfd007a607bcc0

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-10-01T11:46:05.446Z

Updated: 2025-10-01T11:46:05.446Z

Reserved: 2025-10-01T11:39:39.407Z

Link: CVE-2023-53518

Vulnrichment

No data.

NVD

Status : Awaiting Analysis

Published: 2025-10-01T12:15:56.027

Modified: 2025-10-02T19:11:46.753

Link: CVE-2023-53518

Redhat

Severity : Low

Publid Date: 2025-10-01T00:00:00Z

Links: CVE-2023-53518 - Bugzilla

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object