CVE-2023-53518

Опубликовано: 01 окт. 2025

Источник: redhat

CVSS3: 5.5

Описание

In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: Fix leak in devfreq_dev_release() srcu_init_notifier_head() allocates resources that need to be released with a srcu_cleanup_notifier_head() call. Reported by kmemleak.

A flaw was found in the Linux kernel's Power Management (PM) / devfreq subsystem. This vulnerability is a memory leak, where resources allocated by srcu_init_notifier_head() are not properly released. A local attacker could exploit this by repeatedly triggering the affected code, leading to resource exhaustion and a denial of service (DoS) on the system.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 10	kernel	Not affected
Red Hat Enterprise Linux 6	kernel	Not affected
Red Hat Enterprise Linux 7	kernel	Not affected
Red Hat Enterprise Linux 7	kernel-rt	Not affected
Red Hat Enterprise Linux 8	kernel	Not affected
Red Hat Enterprise Linux 8	kernel-rt	Not affected
Red Hat Enterprise Linux 9	kernel	Fix deferred
Red Hat Enterprise Linux 9	kernel-rt	Fix deferred

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low

Дефект:

CWE-772

https://bugzilla.redhat.com/show_bug.cgi?id=2400706kernel: Linux kernel: Memory leak in PM / devfreq can lead to denial of service

5.5 Medium

CVSS3

Связанные уязвимости

CVE-2023-53518

CVSS3: 5.5

ubuntu

5 месяцев назад

CVE-2023-53518

CVSS3: 5.5

nvd

5 месяцев назад

CVE-2023-53518

CVSS3: 5.5

debian

5 месяцев назад

In the Linux kernel, the following vulnerability has been resolved: P ...

GHSA-x97q-xc6x-vxw7

CVSS3: 5.5

github

5 месяцев назад

BDU:2025-12906

CVSS3: 5.5

fstec

больше 2 лет назад

Уязвимость функции devfreq_dev_release() ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании

5.5 Medium

CVSS3