
CVE-2023-53670

In the Linux kernel, the following vulnerability has been resolved:

nvme-core: fix dev_pm_qos memleak

Call dev_pm_qos_hide_latency_tolerance() in the error unwind path to
avoid the following kmemleak:

blktests (master) # kmemleak-clear; ./check nvme/044;
blktests (master) # kmemleak-scan ; kmemleak-show
nvme/044 (Test bi-directional authentication)                [passed]
    runtime  2.111s  ...  2.124s
unreferenced object 0xffff888110c46240 (size 96):
  comm "nvme", pid 33461, jiffies 4345365353 (age 75.586s)
  hex dump (first 32 bytes):
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<0000000069ac2cec>] kmalloc_trace+0x25/0x90
    [<000000006acc66d5>] dev_pm_qos_update_user_latency_tolerance+0x6f/0x100
    [<00000000cc376ea7>] nvme_init_ctrl+0x38e/0x410 [nvme_core]
    [<000000007df61b4b>] 0xffffffffc05e88b3
    [<00000000d152b985>] 0xffffffffc05744cb
    [<00000000f04a4041>] vfs_write+0xc5/0x3c0
    [<00000000f9491baf>] ksys_write+0x5f/0xe0
    [<000000001c46513d>] do_syscall_64+0x3b/0x90
    [<00000000ecf348fe>] entry_SYSCALL_64_after_hwframe+0x72/0xdc

Data is provided by the CVE Program from a CVE Numbering Authority (CNA) (unstructured).
Vendor: Linux
Product: Linux
Default Status: unaffected
Version < e1379e067b9485e5af03399fe3f0d39bccb023ad, Version f50fff73d620cd6e8f48bc58d4f1c944615a3fea: Status affected
Version < 7237c26431cc78e5ec3259f4350f3dd58f6a4319, Version f50fff73d620cd6e8f48bc58d4f1c944615a3fea: Status affected
Version < 2ed9a89192e3192e5fea7ff6475c8722513f325e, Version f50fff73d620cd6e8f48bc58d4f1c944615a3fea: Status affected
Version < 7ed5cf8e6d9bfb6a78d0471317edff14f0f2b4dd, Version f50fff73d620cd6e8f48bc58d4f1c944615a3fea: Status affected

Vendor: Linux
Product: Linux
Default Status: affected
Version 6.0: Status affected
Version < 6.0, Version 0: Status unaffected
Version <= 6.1.*, Version 6.1.39: Status unaffected
Version <= 6.3.*, Version 6.3.13: Status unaffected
Version <= 6.4.*, Version 6.4.4: Status unaffected
Version <= *, Version 6.5: Status unaffected
No CISA KEV or CERT.AT warning was found for this CVE.