Vulnerability-Lookup

BDU:2025-12906

Vulnerability from fstec - Published: 09.08.2023

Title

Уязвимость функции devfreq_dev_release() ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании

Description

Уязвимость функции devfreq_dev_release() ядра операционной системы Linux связана с неограниченным распределением ресурсов. Эксплуатация уязвимости может позволить нарушителю вызвать отказ в обслуживании

Severity ?


                    
                      AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Vendor

Сообщество свободного программного обеспечения, Red Hat Inc.

Software Name

Debian GNU/Linux, Red Hat Enterprise Linux, Linux

Software Version

11 (Debian GNU/Linux), 12 (Debian GNU/Linux), 9 (Red Hat Enterprise Linux), от 6.1.0 до 6.1.53 (Linux), от 6.4.0 до 6.4.16 (Linux), до 6.6 (Linux), от 6.5 до 6.5.3 (Linux), от 4.7 до 4.14.326 (Linux), от 4.19 до 4.19.295 (Linux), от 5.4 до 5.4.257 (Linux), от 5.10 до 5.10.195 (Linux), от 5.15 до 5.15.132 (Linux)

Possible Mitigations

В условиях отсутствия обновлений безопасности от производителя рекомендуется придерживаться "Рекомендаций по безопасной настройке операционных систем LINUX", изложенных в методическом документе ФСТЭК России, утверждённом 25 декабря 2022 года. Использование рекомендаций: Для Linux: https://lore.kernel.org/linux-cve-announce/2025100132-CVE-2023-53518-64e1@gregkh/ https://git.kernel.org/stable/c/111bafa210ae546bee7644be730c42df9c35b66e https://git.kernel.org/stable/c/1640e9c72173911ad0fddb05012c01eafe082c4e https://git.kernel.org/stable/c/29811f4b8255d4238cf326f3bb7129784766beab https://git.kernel.org/stable/c/3354c401c68d70567d1ef25d12f4e22a7813a3c6 https://git.kernel.org/stable/c/5693d077595de721f9ddbf9d37f40e5409707dfe https://git.kernel.org/stable/c/64e6e0dc2d578c0a9e31cb4edd719f0a3ed98f6d https://git.kernel.org/stable/c/7462483446cb9986568ad7adae746ce5f18d2968 https://git.kernel.org/stable/c/8918025feb2f5f7c73f2495c158f22997e25cb02 https://git.kernel.org/stable/c/ab192e5e5d3b48415909a8408acfd007a607bcc0 Для Debian GNU/Linux: https://security-tracker.debian.org/tracker/CVE-2023-53518 Для программных продуктов Red Hat Inc.: https://access.redhat.com/security/cve/cve-2023-53518

Reference

https://access.redhat.com/security/cve/cve-2023-53518 https://lore.kernel.org/linux-cve-announce/2025100132-CVE-2023-53518-64e1@gregkh/ https://git.kernel.org/stable/c/111bafa210ae546bee7644be730c42df9c35b66e https://git.kernel.org/stable/c/1640e9c72173911ad0fddb05012c01eafe082c4e https://git.kernel.org/stable/c/29811f4b8255d4238cf326f3bb7129784766beab https://git.kernel.org/stable/c/3354c401c68d70567d1ef25d12f4e22a7813a3c6 https://git.kernel.org/stable/c/5693d077595de721f9ddbf9d37f40e5409707dfe https://git.kernel.org/stable/c/64e6e0dc2d578c0a9e31cb4edd719f0a3ed98f6d https://git.kernel.org/stable/c/7462483446cb9986568ad7adae746ce5f18d2968 https://git.kernel.org/stable/c/8918025feb2f5f7c73f2495c158f22997e25cb02 https://git.kernel.org/stable/c/ab192e5e5d3b48415909a8408acfd007a607bcc0 https://security-tracker.debian.org/tracker/CVE-2023-53518

CWE

CWE-770

JSON

To clipboard

{
  "CVSS 2.0": "AV:L/AC:L/Au:S/C:N/I:N/A:C",
  "CVSS 3.0": "AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, Red Hat Inc.",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "11 (Debian GNU/Linux), 12 (Debian GNU/Linux), 9 (Red Hat Enterprise Linux), \u043e\u0442 6.1.0 \u0434\u043e 6.1.53 (Linux), \u043e\u0442 6.4.0 \u0434\u043e 6.4.16 (Linux), \u0434\u043e 6.6 (Linux), \u043e\u0442 6.5 \u0434\u043e 6.5.3 (Linux), \u043e\u0442 4.7 \u0434\u043e 4.14.326 (Linux), \u043e\u0442 4.19 \u0434\u043e 4.19.295 (Linux), \u043e\u0442 5.4 \u0434\u043e 5.4.257 (Linux), \u043e\u0442 5.10 \u0434\u043e 5.10.195 (Linux), \u043e\u0442 5.15 \u0434\u043e 5.15.132 (Linux)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0412 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u044f \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043e\u0442 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043f\u0440\u0438\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0442\u044c\u0441\u044f \"\u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0439 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0435 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c LINUX\", \u0438\u0437\u043b\u043e\u0436\u0435\u043d\u043d\u044b\u0445 \u0432 \u043c\u0435\u0442\u043e\u0434\u0438\u0447\u0435\u0441\u043a\u043e\u043c \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0435 \u0424\u0421\u0422\u042d\u041a \u0420\u043e\u0441\u0441\u0438\u0438, \u0443\u0442\u0432\u0435\u0440\u0436\u0434\u0451\u043d\u043d\u043e\u043c 25 \u0434\u0435\u043a\u0430\u0431\u0440\u044f 2022 \u0433\u043e\u0434\u0430.\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\u0414\u043b\u044f Linux:\nhttps://lore.kernel.org/linux-cve-announce/2025100132-CVE-2023-53518-64e1@gregkh/\nhttps://git.kernel.org/stable/c/111bafa210ae546bee7644be730c42df9c35b66e\t\nhttps://git.kernel.org/stable/c/1640e9c72173911ad0fddb05012c01eafe082c4e\t\nhttps://git.kernel.org/stable/c/29811f4b8255d4238cf326f3bb7129784766beab\t\nhttps://git.kernel.org/stable/c/3354c401c68d70567d1ef25d12f4e22a7813a3c6\t\nhttps://git.kernel.org/stable/c/5693d077595de721f9ddbf9d37f40e5409707dfe\t\nhttps://git.kernel.org/stable/c/64e6e0dc2d578c0a9e31cb4edd719f0a3ed98f6d\t\nhttps://git.kernel.org/stable/c/7462483446cb9986568ad7adae746ce5f18d2968\t\nhttps://git.kernel.org/stable/c/8918025feb2f5f7c73f2495c158f22997e25cb02\t\nhttps://git.kernel.org/stable/c/ab192e5e5d3b48415909a8408acfd007a607bcc0\n\n\u0414\u043b\u044f Debian GNU/Linux:\nhttps://security-tracker.debian.org/tracker/CVE-2023-53518\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Red Hat Inc.:\nhttps://access.redhat.com/security/cve/cve-2023-53518",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "09.08.2023",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "14.10.2025",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "14.10.2025",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2025-12906",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2023-53518",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Debian GNU/Linux, Red Hat Enterprise Linux, Linux",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 11 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 12 , Red Hat Inc. Red Hat Enterprise Linux 9 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 6.1.0 \u0434\u043e 6.1.53 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 6.4.0 \u0434\u043e 6.4.16 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u0434\u043e 6.6 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 6.5 \u0434\u043e 6.5.3 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 4.7 \u0434\u043e 4.14.326 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 4.19 \u0434\u043e 4.19.295 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 5.4 \u0434\u043e 5.4.257 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 5.10 \u0434\u043e 5.10.195 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux \u043e\u0442 5.15 \u0434\u043e 5.15.132 ",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 devfreq_dev_release() \u044f\u0434\u0440\u0430 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Linux, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u043e\u0435 \u0440\u0430\u0441\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432 \u0438\u043b\u0438 \u0434\u0440\u043e\u0441\u0441\u0435\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 (CWE-770)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 devfreq_dev_release() \u044f\u0434\u0440\u0430 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Linux \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u044b\u043c \u0440\u0430\u0441\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u0438\u0435\u043c \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u0418\u0441\u0447\u0435\u0440\u043f\u0430\u043d\u0438\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u043e\u0432",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://access.redhat.com/security/cve/cve-2023-53518\nhttps://lore.kernel.org/linux-cve-announce/2025100132-CVE-2023-53518-64e1@gregkh/\nhttps://git.kernel.org/stable/c/111bafa210ae546bee7644be730c42df9c35b66e\t\nhttps://git.kernel.org/stable/c/1640e9c72173911ad0fddb05012c01eafe082c4e\t\nhttps://git.kernel.org/stable/c/29811f4b8255d4238cf326f3bb7129784766beab\t\nhttps://git.kernel.org/stable/c/3354c401c68d70567d1ef25d12f4e22a7813a3c6\t\nhttps://git.kernel.org/stable/c/5693d077595de721f9ddbf9d37f40e5409707dfe\t\nhttps://git.kernel.org/stable/c/64e6e0dc2d578c0a9e31cb4edd719f0a3ed98f6d\t\nhttps://git.kernel.org/stable/c/7462483446cb9986568ad7adae746ce5f18d2968\t\nhttps://git.kernel.org/stable/c/8918025feb2f5f7c73f2495c158f22997e25cb02\t\nhttps://git.kernel.org/stable/c/ab192e5e5d3b48415909a8408acfd007a607bcc0\nhttps://security-tracker.debian.org/tracker/CVE-2023-53518",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-770",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 4,6)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.1 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 5,5)"
}

CVE-2023-53518 (GCVE-0-2023-53518)

Vulnerability from cvelistv5 – Published: 2025-10-01 11:46 – Updated: 2026-05-11 19:46

Title

PM / devfreq: Fix leak in devfreq_dev_release()

Summary

In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: Fix leak in devfreq_dev_release() srcu_init_notifier_head() allocates resources that need to be released with a srcu_cleanup_notifier_head() call. Reported by kmemleak.

Severity ?

No CVSS data available.

Assigner

Linux

References

9 references

URL	Tags
https://git.kernel.org/stable/c/7462483446cb99865…
https://git.kernel.org/stable/c/64e6e0dc2d578c0a9…
https://git.kernel.org/stable/c/29811f4b8255d4238…
https://git.kernel.org/stable/c/ab192e5e5d3b48415…
https://git.kernel.org/stable/c/111bafa210ae546be…
https://git.kernel.org/stable/c/8918025feb2f5f7c7…
https://git.kernel.org/stable/c/1640e9c72173911ad…
https://git.kernel.org/stable/c/3354c401c68d70567…
https://git.kernel.org/stable/c/5693d077595de721f…

Impacted products

2 products

Vendor	Product	Version
Linux	Linux	Affected: 0fe3a66410a3ba96679be903f1e287d7a0a264a9 , < 7462483446cb9986568ad7adae746ce5f18d2968 (git) Affected: 0fe3a66410a3ba96679be903f1e287d7a0a264a9 , < 64e6e0dc2d578c0a9e31cb4edd719f0a3ed98f6d (git) Affected: 0fe3a66410a3ba96679be903f1e287d7a0a264a9 , < 29811f4b8255d4238cf326f3bb7129784766beab (git) Affected: 0fe3a66410a3ba96679be903f1e287d7a0a264a9 , < ab192e5e5d3b48415909a8408acfd007a607bcc0 (git) Affected: 0fe3a66410a3ba96679be903f1e287d7a0a264a9 , < 111bafa210ae546bee7644be730c42df9c35b66e (git) Affected: 0fe3a66410a3ba96679be903f1e287d7a0a264a9 , < 8918025feb2f5f7c73f2495c158f22997e25cb02 (git) Affected: 0fe3a66410a3ba96679be903f1e287d7a0a264a9 , < 1640e9c72173911ad0fddb05012c01eafe082c4e (git) Affected: 0fe3a66410a3ba96679be903f1e287d7a0a264a9 , < 3354c401c68d70567d1ef25d12f4e22a7813a3c6 (git) Affected: 0fe3a66410a3ba96679be903f1e287d7a0a264a9 , < 5693d077595de721f9ddbf9d37f40e5409707dfe (git)
Linux	Linux	Affected: 4.7 Unaffected: 0 , < 4.7 (semver) Unaffected: 4.14.326 , ≤ 4.14.* (semver) Unaffected: 4.19.295 , ≤ 4.19.* (semver) Unaffected: 5.4.257 , ≤ 5.4.* (semver) Unaffected: 5.10.195 , ≤ 5.10.* (semver) Unaffected: 5.15.132 , ≤ 5.15.* (semver) Unaffected: 6.1.53 , ≤ 6.1.* (semver) Unaffected: 6.4.16 , ≤ 6.4.* (semver) Unaffected: 6.5.3 , ≤ 6.5.* (semver) Unaffected: 6.6 , ≤ * (original_commit_for_fix)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/devfreq/devfreq.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "7462483446cb9986568ad7adae746ce5f18d2968",
              "status": "affected",
              "version": "0fe3a66410a3ba96679be903f1e287d7a0a264a9",
              "versionType": "git"
            },
            {
              "lessThan": "64e6e0dc2d578c0a9e31cb4edd719f0a3ed98f6d",
              "status": "affected",
              "version": "0fe3a66410a3ba96679be903f1e287d7a0a264a9",
              "versionType": "git"
            },
            {
              "lessThan": "29811f4b8255d4238cf326f3bb7129784766beab",
              "status": "affected",
              "version": "0fe3a66410a3ba96679be903f1e287d7a0a264a9",
              "versionType": "git"
            },
            {
              "lessThan": "ab192e5e5d3b48415909a8408acfd007a607bcc0",
              "status": "affected",
              "version": "0fe3a66410a3ba96679be903f1e287d7a0a264a9",
              "versionType": "git"
            },
            {
              "lessThan": "111bafa210ae546bee7644be730c42df9c35b66e",
              "status": "affected",
              "version": "0fe3a66410a3ba96679be903f1e287d7a0a264a9",
              "versionType": "git"
            },
            {
              "lessThan": "8918025feb2f5f7c73f2495c158f22997e25cb02",
              "status": "affected",
              "version": "0fe3a66410a3ba96679be903f1e287d7a0a264a9",
              "versionType": "git"
            },
            {
              "lessThan": "1640e9c72173911ad0fddb05012c01eafe082c4e",
              "status": "affected",
              "version": "0fe3a66410a3ba96679be903f1e287d7a0a264a9",
              "versionType": "git"
            },
            {
              "lessThan": "3354c401c68d70567d1ef25d12f4e22a7813a3c6",
              "status": "affected",
              "version": "0fe3a66410a3ba96679be903f1e287d7a0a264a9",
              "versionType": "git"
            },
            {
              "lessThan": "5693d077595de721f9ddbf9d37f40e5409707dfe",
              "status": "affected",
              "version": "0fe3a66410a3ba96679be903f1e287d7a0a264a9",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/devfreq/devfreq.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.7"
            },
            {
              "lessThan": "4.7",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.326",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.295",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.257",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.195",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.132",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.53",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.4.*",
              "status": "unaffected",
              "version": "6.4.16",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.6",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.14.326",
                  "versionStartIncluding": "4.7",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.19.295",
                  "versionStartIncluding": "4.7",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.4.257",
                  "versionStartIncluding": "4.7",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.195",
                  "versionStartIncluding": "4.7",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.132",
                  "versionStartIncluding": "4.7",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.53",
                  "versionStartIncluding": "4.7",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.4.16",
                  "versionStartIncluding": "4.7",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.5.3",
                  "versionStartIncluding": "4.7",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6",
                  "versionStartIncluding": "4.7",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nPM / devfreq: Fix leak in devfreq_dev_release()\n\nsrcu_init_notifier_head() allocates resources that need to be released\nwith a srcu_cleanup_notifier_head() call.\n\nReported by kmemleak."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-11T19:46:31.486Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/7462483446cb9986568ad7adae746ce5f18d2968"
        },
        {
          "url": "https://git.kernel.org/stable/c/64e6e0dc2d578c0a9e31cb4edd719f0a3ed98f6d"
        },
        {
          "url": "https://git.kernel.org/stable/c/29811f4b8255d4238cf326f3bb7129784766beab"
        },
        {
          "url": "https://git.kernel.org/stable/c/ab192e5e5d3b48415909a8408acfd007a607bcc0"
        },
        {
          "url": "https://git.kernel.org/stable/c/111bafa210ae546bee7644be730c42df9c35b66e"
        },
        {
          "url": "https://git.kernel.org/stable/c/8918025feb2f5f7c73f2495c158f22997e25cb02"
        },
        {
          "url": "https://git.kernel.org/stable/c/1640e9c72173911ad0fddb05012c01eafe082c4e"
        },
        {
          "url": "https://git.kernel.org/stable/c/3354c401c68d70567d1ef25d12f4e22a7813a3c6"
        },
        {
          "url": "https://git.kernel.org/stable/c/5693d077595de721f9ddbf9d37f40e5409707dfe"
        }
      ],
      "title": "PM / devfreq: Fix leak in devfreq_dev_release()",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-53518",
    "datePublished": "2025-10-01T11:46:05.446Z",
    "dateReserved": "2025-10-01T11:39:39.407Z",
    "dateUpdated": "2026-05-11T19:46:31.486Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

BDU:2025-12906

CVE-2023-53518 (GCVE-0-2023-53518)

Tags

Sightings

Nomenclature