CVE-2023-53514

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A memory leak exists in the Linux kernel related to device names allocated by dev set name(). The device names are not freed before module unloading because the kobject's reference count, set during device initialization, is not decremented to zero. This occurs when device add() fails, and only put device() is used, failing to free the allocated name. The issue is addressed by replacing device del() and put device() with device unregister() for successfully added devices and using put device() for devices that were not added. A release() function is added to the device to prevent a warning during device release, as the context devices are freed together in host1x memory context list free().

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.