CVE-2023-53353

MEDIUM

Linux kernel - Memory Leak

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: accel/habanalabs: postpone mem_mgr IDR destruction to hpriv_release() The memory manager IDR is currently destroyed when user releases the file descriptor. However, at this point the user context might be still held, and memory buffers might be still in use. Later on, calls to release those buffers will fail due to not finding their handles in the IDR, leading to a memory leak. To avoid this leak, split the IDR destruction from the memory manager fini, and postpone it to hpriv_release() when there is no user context and no buffers are used.

References (2)

[Patch] https://git.kernel.org/stable/c/2e8e9a895c4589f124a37fc84d123b5114406e94

[Patch] https://git.kernel.org/stable/c/840de329ca99cafd0cdde9c6ac160b1330942aba

Scores

CVSS v3 5.5

EPSS 0.0002

EPSS Percentile 4.5%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Classification

CWE

CWE-401

Status published

Affected Products (1)

linux/linux_kernel < 6.3.4

Timeline

Published Sep 17, 2025

Tracked Since Feb 18, 2026