CVE-2023-53002

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Mar 27, 2025
Updated: Apr 14, 2025
CWE ID 401

Summary

CVE-2023-53002 is a vulnerability affecting the Linux kernel that has been addressed. The issue lies in the drm/i915 driver, where a memory leak occurred due to unbalanced use of drm_vma_node_allow() and drm_vma_node_revoke(). These functions should be called in pairs, but the affected implementation calls only drm_vma_node_allow() each time the client uses mmap_offset. Because mmap_offset is reused, the per-file vm_count may remain non-zero, leading to a leaked rbtree. To prevent this memory leak, the recommended solution is to use drm_vma_node_allow_once() instead.
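The following is an added illustration, not code from the kernel or from this advisory: a simplified userspace C model of the per-file count imbalance described above. The list-based structures, the names `model_allow`, `model_revoke` and `leaked_entries`, and the single revoke per file are assumptions made for the example.

```c
/* Simplified userspace model (assumption, not kernel code): a linked list
 * stands in for the per-node rbtree of (file tag, vm_count) entries. */
#include <stdlib.h>

struct entry { const void *tag; unsigned long vm_count; struct entry *next; };
struct node  { struct entry *files; int live; /* entries not yet freed */ };

static struct entry *find(struct node *n, const void *tag) {
    for (struct entry *e = n->files; e; e = e->next)
        if (e->tag == tag) return e;
    return NULL;
}

/* ref_counted=1 models drm_vma_node_allow(), 0 models drm_vma_node_allow_once(). */
static int model_allow(struct node *n, const void *tag, int ref_counted) {
    struct entry *e = find(n, tag);
    if (e) { if (ref_counted) e->vm_count++; return 0; }
    e = malloc(sizeof(*e));
    if (!e) return -1;
    e->tag = tag; e->vm_count = 1; e->next = n->files;
    n->files = e; n->live++;
    return 0;
}

/* Models drm_vma_node_revoke(): the entry is freed only when its count hits 0. */
static void model_revoke(struct node *n, const void *tag) {
    for (struct entry **p = &n->files; *p; p = &(*p)->next) {
        struct entry *e = *p;
        if (e->tag != tag) continue;
        if (--e->vm_count == 0) { *p = e->next; free(e); n->live--; }
        return;
    }
}

/* One client reuses the same mmap_offset `calls` times, then a single revoke
 * runs (assumed). Returns how many entries are still allocated afterwards. */
int leaked_entries(int calls, int ref_counted) {
    struct node n = { NULL, 0 };
    int file;                       /* its address serves as the per-file tag */
    for (int i = 0; i < calls; i++)
        if (model_allow(&n, &file, ref_counted)) return -1;
    model_revoke(&n, &file);
    int left = n.live;
    while (n.files) { struct entry *e = n.files; n.files = e->next; free(e); }
    return left;
}

int main(void) {
    return !(leaked_entries(3, 1) == 1 && leaked_entries(3, 0) == 0);
}
```

With the reference-counted call, three uses followed by one revoke leave the count at 2 and the entry allocated; with the once-only call the count stays at 1 and the single revoke frees it.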
