PT-2025-40160 · Linux+5 · Linux Kernel+5

Published: 2023-01-09 · Updated: 2025-10-31 · CVE-2023-53453

CVSS v2.0: 6.0 (Medium)

Vector: AV:L/AC:H/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Linux kernel versions (affected versions not specified)

Description

The Linux kernel contains an issue where the iio (Industrial I/O) memory was allocated but not released during driver shutdown, leading to a kernel memory leak (kmemleak). This occurs specifically within the radeon driver, during the atom_parse() function and related calls like atom_index_iio(). The fix involves freeing the allocated memory in the radeon_atombios_fini() function. The backtrace indicates the issue originates from the radeon driver and involves functions such as kmem_cache_alloc_trace(), atom_parse(), radeon_atombios_init(), si_init(), radeon_device_init(), radeon_driver_load_kms(), drm_dev_register(), radeon_pci_probe(), pci_device_probe(), really_probe.part.0(), driver_probe_device(), driver_probe_device(), driver_attach(), bus_for_each_dev(), driver_attach(), bus_add_driver().

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Memory Leak

Allocation of Resources Without Limits

Improper Resource Release

Resource Exhaustion

Weakness Enumeration

Related Identifiers

ALSA-2025_16880
BDU:2026-01496
CESA-2023_7077
CVE-2023-53453
OESA-2025-2553
RHSA-2023:6583
RHSA-2023:7077
RHSA-2023_6583
RHSA-2023_7077
SUSE-SU-2025:03615-1
SUSE-SU-2025:03628-1
SUSE-SU-2025:3716-1
SUSE-SU-2025:3761-1

Affected Products

Astra Linux
CentOS
Linux Kernel
Red Hat
SUSE
Radeon DRI Driver