2400772 – (CVE-2023-53514) CVE-2023-53514 kernel: gpu: host1x: Fix memory leak of device names

Bug 2400772 (CVE-2023-53514) - CVE-2023-53514 kernel: gpu: host1x: Fix memory leak of device names

Summary: CVE-2023-53514 kernel: gpu: host1x: Fix memory leak of device names

Keywords:
Status:	NEW
Alias:	CVE-2023-53514
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Product Security DevOps Team
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2025-10-01 12:06 UTC by OSIDB Bzimport
Modified:	2025-10-01 20:06 UTC (History)
CC List:	0 users
Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description OSIDB Bzimport 2025-10-01 12:06:35 UTC

In the Linux kernel, the following vulnerability has been resolved:

gpu: host1x: Fix memory leak of device names

The device names allocated by dev_set_name() need be freed
before module unloading, but they can not be freed because
the kobject's refcount which was set in device_initialize()
has not be decreased to 0.

As comment of device_add() says, if it fails, use only
put_device() drop the refcount, then the name will be
freed in kobejct_cleanup().

device_del() and put_device() can be replaced with
device_unregister(), so call it to unregister the added
successfully devices, and just call put_device() to the
not added device.

Add a release() function to device to avoid null release()
function WARNING in device_release(), it's empty, because
the context devices are freed together in
host1x_memory_context_list_free().

Comment 1 Jon Moroney 2025-10-01 20:04:29 UTC

Upstream advisory:
https://lore.kernel.org/linux-cve-announce/2025100131-CVE-2023-53514-bcd5@gregkh/T

Note You need to log in before you can comment on or make changes to this bug.