CVE-2023-53405 - Vulnerability Details - OpenCVE

In the Linux kernel, the following vulnerability has been resolved:

USB: gadget: gr_udc: fix memory leak with using debugfs_lookup()

When calling debugfs_lookup() the result must have dput() called on it,
otherwise the memory will leak over time. To make things simpler, just
call debugfs_lookup_and_remove() instead which handles all of the logic
at once.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

No data.

No data.

No data.

No data.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://git.kernel.org/stable/c/0933eca15f5223b5c2412080c8c3de8758465c78
https://git.kernel.org/stable/c/30f9ba2396a1130eef7f2d3ee7ee8037b7c25be9
https://git.kernel.org/stable/c/73f4451368663ad28daa67980c6dd11d83b303eb
https://git.kernel.org/stable/c/be21a66e17ee0ab5f3513b6c86659e60cec5e981

History

Thu, 18 Sep 2025 14:15:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: USB: gadget: gr_udc: fix memory leak with using debugfs_lookup() When calling debugfs_lookup() the result must have dput() called on it, otherwise the memory will leak over time. To make things simpler, just call debugfs_lookup_and_remove() instead which handles all of the logic at once.
Title		USB: gadget: gr_udc: fix memory leak with using debugfs_lookup()
References		https://git.kernel.org/stable/c/0933eca15f5223b5c2412080c8c3de8758465c78 https://git.kernel.org/stable/c/30f9ba2396a1130eef7f2d3ee7ee8037b7c25be9 https://git.kernel.org/stable/c/73f4451368663ad28daa67980c6dd11d83b303eb https://git.kernel.org/stable/c/be21a66e17ee0ab5f3513b6c86659e60cec5e981

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-09-18T13:58:44.401Z

Updated: 2025-09-18T13:58:44.401Z

Reserved: 2025-09-17T14:54:09.739Z

Link: CVE-2023-53405

Vulnrichment

No data.

NVD

Status : Received

Published: 2025-09-18T14:15:43.900

Modified: 2025-09-18T14:15:43.900

Link: CVE-2023-53405

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-53405", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-09-17T14:54:09.739Z", "datePublished": "2025-09-18T13:58:44.401Z", "dateUpdated": "2025-09-18T13:58:44.401Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-09-18T13:58:44.401Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: gadget: gr_udc: fix memory leak with using debugfs_lookup()\n\nWhen calling debugfs_lookup() the result must have dput() called on it,\notherwise the memory will leak over time. To make things simpler, just\ncall debugfs_lookup_and_remove() instead which handles all of the logic\nat once."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/usb/gadget/udc/gr_udc.c"], "versions": [{"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "30f9ba2396a1130eef7f2d3ee7ee8037b7c25be9", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "be21a66e17ee0ab5f3513b6c86659e60cec5e981", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "0933eca15f5223b5c2412080c8c3de8758465c78", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "73f4451368663ad28daa67980c6dd11d83b303eb", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/usb/gadget/udc/gr_udc.c"], "versions": [{"version": "5.15.100", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.18", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.2.5", "lessThanOrEqual": "6.2.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.3", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "5.15.100"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.1.18"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.2.5"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.3"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/30f9ba2396a1130eef7f2d3ee7ee8037b7c25be9"}, {"url": "https://git.kernel.org/stable/c/be21a66e17ee0ab5f3513b6c86659e60cec5e981"}, {"url": "https://git.kernel.org/stable/c/0933eca15f5223b5c2412080c8c3de8758465c78"}, {"url": "https://git.kernel.org/stable/c/73f4451368663ad28daa67980c6dd11d83b303eb"}], "title": "USB: gadget: gr_udc: fix memory leak with using debugfs_lookup()", "x_generator": {"engine": "bippy-1.2.0"}}}}