CVE-2023-53579

MEDIUM

Linux Kernel 3.16.40-3.17 - Use-After-Free in GPIO mvebu IRQ Domain

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: gpio: mvebu: fix irq domain leak Uwe Kleine-König pointed out we still have one resource leak in the mvebu driver triggered on driver detach. Let's address it with a custom devm action.

References (4)

Core 4

Core References

Patch

https://git.kernel.org/stable/c/b19e90521286a03bc3793fd598f20277a8f99c85

Patch

https://git.kernel.org/stable/c/44e2afbf650f3264519643fcc9e6b4d2f6e8d547

Patch

https://git.kernel.org/stable/c/d9b791d8362359d241b4e8f4b4767c681ffdb6ef

Patch

https://git.kernel.org/stable/c/644ee70267a934be27370f9aa618b29af7290544

Scores

CVSS v3 5.5

EPSS 0.0014

EPSS Percentile 3.3%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-401

Status published

Products (17)

Linux/Linux < 4.9

Linux/Linux 3.16.40 - 3.17

Linux/Linux 4.8.9 - 4.9

Linux/Linux 4.9

Linux/Linux 5.15.124 - 5.15.*

Linux/Linux 6.1.43 - 6.1.*

Linux/Linux 6.4.8 - 6.4.*

Linux/Linux 6.5

Linux/Linux 7a9239fd04802ee6ddf82d211cff3ee7df9c473a

Linux/Linux 812d47889a8e418d7bea9bec383581a34c19183e - 44e2afbf650f3264519643fcc9e6b4d2f6e8d547

... and 7 more

Published Oct 04, 2025

Tracked Since Feb 18, 2026