CVE-2023-53670

Severity: Medium (CVSS 3.1 base score 5.5)
EPSS: 4.5%
Published: Oct 7, 2025
Last Modified: Jun 17, 2026

Description

In the Linux kernel, the following vulnerability has been resolved:

nvme-core: fix dev_pm_qos memleak

Call dev_pm_qos_hide_latency_tolerance() in the error unwind patch to avoid following kmemleak:-

    blktests (master) # kmemleak-clear; ./check nvme/044;
    blktests (master) # kmemleak-scan ; kmemleak-show
    nvme/044 (Test bi-directional authentication) [passed]
        runtime 2.111s ... 2.124s
    unreferenced object 0xffff888110c46240 (size 96):
      comm "nvme", pid 33461, jiffies 4345365353 (age 75.586s)
      hex dump (first 32 bytes):
        00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
        00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
      backtrace:
        [<0000000069ac2cec>] kmalloc_trace+0x25/0x90
        [<000000006acc66d5>] dev_pm_qos_update_user_latency_tolerance+0x6f/0x100
        [<00000000cc376ea7>] nvme_init_ctrl+0x38e/0x410 [nvme_core]
        [<000000007df61b4b>] 0xffffffffc05e88b3
        [<00000000d152b985>] 0xffffffffc05744cb
        [<00000000f04a4041>] vfs_write+0xc5/0x3c0
        [<00000000f9491baf>] ksys_write+0x5f/0xe0
        [<000000001c46513d>] do_syscall_64+0x3b/0x90
        [<00000000ecf348fe>] entry_SYSCALL_64_after_hwframe+0x72/0xdc

CVSS Details

Base Score: 5.5
Exploitability: 1.8
Impact: 3.6
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High

Threat Intelligence

EPSS Exploit Probability
4.5% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-401

Affected Products 3

Vendor   Product        Version   Range
linux    linux_kernel   *         ≥6.0 – <6.1.39
linux    linux_kernel   *         ≥6.2 – <6.3.13
linux    linux_kernel   *         ≥6.4 – <6.4.4
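
A way to check a host's kernel release string against the three ranges listed above. This is an added example, not code from the advisory or the kernel project; the function names and the sample release strings are constructed for illustration. A match is a prompt to check the vendor's advisory rather than proof of exposure, because distribution kernels often backport fixes without changing the upstream version number.

```python
import platform
import re

# Affected ranges from the table above: (inclusive start, exclusive fixed version).
AFFECTED = [
    ((6, 0, 0), (6, 1, 39)),
    ((6, 2, 0), (6, 3, 13)),
    ((6, 4, 0), (6, 4, 4)),
]


def parse_release(release):
    """Turn a `uname -r` style string such as '6.1.38-amd64' into (6, 1, 38)."""
    m = re.match(r"(\d+)\.(\d+)(?:\.(\d+))?", release)
    if not m:
        raise ValueError(f"unrecognised kernel release: {release!r}")
    # A missing patch level ('6.2') is treated as .0
    return tuple(int(g or 0) for g in m.groups())


def affected_range(release):
    """Return the matching (start, fixed) range, or None if outside all ranges."""
    version = parse_release(release)
    for start, fixed in AFFECTED:
        if start <= version < fixed:
            return start, fixed
    return None


def report(release):
    """One-line verdict for a release string."""
    hit = affected_range(release)
    if hit is None:
        return f"{release}: outside the listed ranges"
    fixed = ".".join(str(n) for n in hit[1])
    return f"{release}: inside a listed range, fixed upstream in {fixed}"


if __name__ == "__main__":
    # Constructed sample release strings, followed by the local host's own.
    samples = ["6.1.38-amd64", "6.1.39", "6.3.12-200.fc38.x86_64",
               "6.4.4", "5.15.0-91-generic"]
    for rel in samples + [platform.release()]:
        try:
            print(report(rel))
        except ValueError as exc:
            print(exc)
```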

References 4

  • git.kernel.org https://git.kernel.org/stable/c/2ed9a89192e3192e5fea7ff6475c8722513f325e
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/7237c26431cc78e5ec3259f4350f3dd58f6a4319
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/7ed5cf8e6d9bfb6a78d0471317edff14f0f2b4dd
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e1379e067b9485e5af03399fe3f0d39bccb023ad
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/2ed9a89192e3192e5fea7ff6475c8722513f325e
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/7237c26431cc78e5ec3259f4350f3dd58f6a4319
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/7ed5cf8e6d9bfb6a78d0471317edff14f0f2b4dd
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e1379e067b9485e5af03399fe3f0d39bccb023ad
    Patch