CVE-2023-53674

MEDIUM

Linux Kernel 5.11-5.15.121 - Use-After-Free in devm_clk_notifier_register

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: clk: Fix memory leak in devm_clk_notifier_register() devm_clk_notifier_register() allocates a devres resource for clk notifier but didn't register that to the device, so the notifier didn't get unregistered on device detach and the allocated resource was leaked. Fix the issue by registering the resource through devres_add(). This issue was found with kmemleak on a Chromebook.

References (5)

Core 5

Core References

Patch

https://git.kernel.org/stable/c/a326cf0107b197e649bbaa2a2b1355894826ce32

Patch

https://git.kernel.org/stable/c/49451db71b746df990888068961f1033f7c9b734

Patch

https://git.kernel.org/stable/c/cb1b04fd4283fc8f9acefe0ddc61ba072ed44877

Patch

https://git.kernel.org/stable/c/efbbda79b2881a04dcd0e8f28634933d79e17e49

Patch

https://git.kernel.org/stable/c/7fb933e56f77a57ef7cfc59fc34cbbf1b1fa31ff

Scores

CVSS v3 5.5

EPSS 0.0013

EPSS Percentile 3.1%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-401

Status published

Products (13)

Linux/Linux < 5.11

Linux/Linux 5.11

Linux/Linux 5.15.121 - 5.15.*

Linux/Linux 6.1.39 - 6.1.*

Linux/Linux 6.3.13 - 6.3.*

Linux/Linux 6.4.4 - 6.4.*

Linux/Linux 6.5

Linux/Linux 6d30d50d037dfa092f9d5d1fffa348ab4abb7163 - 49451db71b746df990888068961f1033f7c9b734

Linux/Linux 6d30d50d037dfa092f9d5d1fffa348ab4abb7163 - 7fb933e56f77a57ef7cfc59fc34cbbf1b1fa31ff

Linux/Linux 6d30d50d037dfa092f9d5d1fffa348ab4abb7163 - a326cf0107b197e649bbaa2a2b1355894826ce32

... and 3 more

Published Oct 07, 2025

Tracked Since Feb 18, 2026