CVE-2023-53670

EPSS -
Veröffentlicht 07.10.2025 15:21:27
Zuletzt bearbeitet 07.10.2025 16:15:50
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
Teams Watchlist Login
Unerledigt Login

In the Linux kernel, the following vulnerability has been resolved:

nvme-core: fix dev_pm_qos memleak

Call dev_pm_qos_hide_latency_tolerance() in the error unwind patch to
avoid following kmemleak:-

blktests (master) # kmemleak-clear; ./check nvme/044;
blktests (master) # kmemleak-scan ; kmemleak-show
nvme/044 (Test bi-directional authentication)                [passed]
    runtime  2.111s  ...  2.124s
unreferenced object 0xffff888110c46240 (size 96):
  comm "nvme", pid 33461, jiffies 4345365353 (age 75.586s)
  hex dump (first 32 bytes):
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<0000000069ac2cec>] kmalloc_trace+0x25/0x90
    [<000000006acc66d5>] dev_pm_qos_update_user_latency_tolerance+0x6f/0x100
    [<00000000cc376ea7>] nvme_init_ctrl+0x38e/0x410 [nvme_core]
    [<000000007df61b4b>] 0xffffffffc05e88b3
    [<00000000d152b985>] 0xffffffffc05744cb
    [<00000000f04a4041>] vfs_write+0xc5/0x3c0
    [<00000000f9491baf>] ksys_write+0x5f/0xe0
    [<000000001c46513d>] do_syscall_64+0x3b/0x90
    [<00000000ecf348fe>] entry_SYSCALL_64_after_hwframe+0x72/0xdc

Betroffene Produkte Warnungen 0 Metriken 0 CWE 0 Referenzen 7

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < e1379e067b9485e5af03399fe3f0d39bccb023ad

Version f50fff73d620cd6e8f48bc58d4f1c944615a3fea

Status affected

Version < 7237c26431cc78e5ec3259f4350f3dd58f6a4319

Version f50fff73d620cd6e8f48bc58d4f1c944615a3fea

Status affected

Version < 2ed9a89192e3192e5fea7ff6475c8722513f325e

Version f50fff73d620cd6e8f48bc58d4f1c944615a3fea

Status affected

Version < 7ed5cf8e6d9bfb6a78d0471317edff14f0f2b4dd

Version f50fff73d620cd6e8f48bc58d4f1c944615a3fea

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 6.0

Status affected

Version < 6.0

Version 0

Status unaffected

Version <= 6.1.*

Version 6.1.39

Status unaffected

Version <= 6.3.*

Version 6.3.13

Status unaffected

Version <= 6.4.*

Version 6.4.4

Status unaffected

Version <= *

Version 6.5

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

https://git.kernel.org/stable/c/e1379e067b9485e5af03399fe3f0d39bccb023ad

https://git.kernel.org/stable/c/7237c26431cc78e5ec3259f4350f3dd58f6a4319

https://git.kernel.org/stable/c/2ed9a89192e3192e5fea7ff6475c8722513f325e

https://git.kernel.org/stable/c/7ed5cf8e6d9bfb6a78d0471317edff14f0f2b4dd

https://nvd.nist.gov/vuln/detail/CVE-2023-53670

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-53670

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-53670

EUVD