CVE-2023-53518

In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: Fix leak in devfreq_dev_release() srcu_init_notifier_head() allocates resources that need to be released with a srcu_cleanup_notifier_head() call. Reported by kmemleak.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/111bafa210ae546bee7644be730c42df9c35b66e	Patch
https://git.kernel.org/stable/c/1640e9c72173911ad0fddb05012c01eafe082c4e	Patch
https://git.kernel.org/stable/c/29811f4b8255d4238cf326f3bb7129784766beab	Patch
https://git.kernel.org/stable/c/3354c401c68d70567d1ef25d12f4e22a7813a3c6	Patch
https://git.kernel.org/stable/c/5693d077595de721f9ddbf9d37f40e5409707dfe	Patch
https://git.kernel.org/stable/c/64e6e0dc2d578c0a9e31cb4edd719f0a3ed98f6d	Patch
https://git.kernel.org/stable/c/7462483446cb9986568ad7adae746ce5f18d2968	Patch
https://git.kernel.org/stable/c/8918025feb2f5f7c73f2495c158f22997e25cb02	Patch
https://git.kernel.org/stable/c/ab192e5e5d3b48415909a8408acfd007a607bcc0	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::

History

23 Jan 2026, 20:07

Type	Values Removed	Values Added
CPE		cpe:2.3:o:linux:linux_kernel::::::::
CWE		CWE-401
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.5
References	~~() https://git.kernel.org/stable/c/111bafa210ae546bee7644be730c42df9c35b66e -~~	() https://git.kernel.org/stable/c/111bafa210ae546bee7644be730c42df9c35b66e - Patch
References	~~() https://git.kernel.org/stable/c/1640e9c72173911ad0fddb05012c01eafe082c4e -~~	() https://git.kernel.org/stable/c/1640e9c72173911ad0fddb05012c01eafe082c4e - Patch
References	~~() https://git.kernel.org/stable/c/29811f4b8255d4238cf326f3bb7129784766beab -~~	() https://git.kernel.org/stable/c/29811f4b8255d4238cf326f3bb7129784766beab - Patch
References	~~() https://git.kernel.org/stable/c/3354c401c68d70567d1ef25d12f4e22a7813a3c6 -~~	() https://git.kernel.org/stable/c/3354c401c68d70567d1ef25d12f4e22a7813a3c6 - Patch
References	~~() https://git.kernel.org/stable/c/5693d077595de721f9ddbf9d37f40e5409707dfe -~~	() https://git.kernel.org/stable/c/5693d077595de721f9ddbf9d37f40e5409707dfe - Patch
References	~~() https://git.kernel.org/stable/c/64e6e0dc2d578c0a9e31cb4edd719f0a3ed98f6d -~~	() https://git.kernel.org/stable/c/64e6e0dc2d578c0a9e31cb4edd719f0a3ed98f6d - Patch
References	~~() https://git.kernel.org/stable/c/7462483446cb9986568ad7adae746ce5f18d2968 -~~	() https://git.kernel.org/stable/c/7462483446cb9986568ad7adae746ce5f18d2968 - Patch
References	~~() https://git.kernel.org/stable/c/8918025feb2f5f7c73f2495c158f22997e25cb02 -~~	() https://git.kernel.org/stable/c/8918025feb2f5f7c73f2495c158f22997e25cb02 - Patch
References	~~() https://git.kernel.org/stable/c/ab192e5e5d3b48415909a8408acfd007a607bcc0 -~~	() https://git.kernel.org/stable/c/ab192e5e5d3b48415909a8408acfd007a607bcc0 - Patch
First Time		Linux Linux linux Kernel

01 Oct 2025, 12:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-10-01 12:15

Updated : 2026-01-23 20:07

NVD link : CVE-2023-53518

Mitre link : CVE-2023-53518

CVE.ORG link : CVE-2023-53518

JSON object : View

Products Affected

linux

linux_kernel

CWE

CWE-401

Missing Release of Memory after Effective Lifetime

5.5 /10