CVE-2023-53330

In the Linux kernel, the following vulnerability has been resolved: caif: fix memory leak in cfctrl_linkup_request() When linktype is unknown or kzalloc failed in cfctrl_linkup_request(), pkt is not released. Add release process to error path.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/1dddeceb26002cfea4c375e92ac6498768dc7349	Patch
https://git.kernel.org/stable/c/33df9c5d5e2a18c70f5f5f3c2757d654c1b6ffa3	Patch
https://git.kernel.org/stable/c/3acf3783a84cbdf0c9f8cf2f32ee9c49af93a2da	Patch
https://git.kernel.org/stable/c/3ad47c8aa5648226184415e4a0cb1bf67ffbfd48	Patch
https://git.kernel.org/stable/c/84b2cc7b36b7f6957d307fb3d01603f93cb2d655	Patch
https://git.kernel.org/stable/c/badea57569db04b010e922e29a7aaf40a979a70b	Patch
https://git.kernel.org/stable/c/dc1bc903970bdf63ca40ab923d3ccb765da9a8d9	Patch
https://git.kernel.org/stable/c/fe69230f05897b3de758427b574fc98025dfc907	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:6.2:rc1::::::
	cpe:2.3:o:linux:linux_kernel:6.2:rc2::::::

History

10 Dec 2025, 18:42

Type	Values Removed	Values Added
CWE		CWE-401
References	~~() https://git.kernel.org/stable/c/1dddeceb26002cfea4c375e92ac6498768dc7349 -~~	() https://git.kernel.org/stable/c/1dddeceb26002cfea4c375e92ac6498768dc7349 - Patch
References	~~() https://git.kernel.org/stable/c/33df9c5d5e2a18c70f5f5f3c2757d654c1b6ffa3 -~~	() https://git.kernel.org/stable/c/33df9c5d5e2a18c70f5f5f3c2757d654c1b6ffa3 - Patch
References	~~() https://git.kernel.org/stable/c/3acf3783a84cbdf0c9f8cf2f32ee9c49af93a2da -~~	() https://git.kernel.org/stable/c/3acf3783a84cbdf0c9f8cf2f32ee9c49af93a2da - Patch
References	~~() https://git.kernel.org/stable/c/3ad47c8aa5648226184415e4a0cb1bf67ffbfd48 -~~	() https://git.kernel.org/stable/c/3ad47c8aa5648226184415e4a0cb1bf67ffbfd48 - Patch
References	~~() https://git.kernel.org/stable/c/84b2cc7b36b7f6957d307fb3d01603f93cb2d655 -~~	() https://git.kernel.org/stable/c/84b2cc7b36b7f6957d307fb3d01603f93cb2d655 - Patch
References	~~() https://git.kernel.org/stable/c/badea57569db04b010e922e29a7aaf40a979a70b -~~	() https://git.kernel.org/stable/c/badea57569db04b010e922e29a7aaf40a979a70b - Patch
References	~~() https://git.kernel.org/stable/c/dc1bc903970bdf63ca40ab923d3ccb765da9a8d9 -~~	() https://git.kernel.org/stable/c/dc1bc903970bdf63ca40ab923d3ccb765da9a8d9 - Patch
References	~~() https://git.kernel.org/stable/c/fe69230f05897b3de758427b574fc98025dfc907 -~~	() https://git.kernel.org/stable/c/fe69230f05897b3de758427b574fc98025dfc907 - Patch
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.5
CPE		cpe:2.3:o:linux:linux_kernel:6.2:rc1:::::: cpe:2.3:o:linux:linux_kernel:6.2:rc2:::::: cpe:2.3:o:linux:linux_kernel::::::::
First Time		Linux Linux linux Kernel

16 Sep 2025, 17:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-09-16 17:15

Updated : 2025-12-10 18:42

NVD link : CVE-2023-53330

Mitre link : CVE-2023-53330

CVE.ORG link : CVE-2023-53330

JSON object : View

Products Affected

linux

linux_kernel

CWE

CWE-401

Missing Release of Memory after Effective Lifetime

5.5 /10