CVE-2023-53422
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-09-18

Last updated on: 2025-12-11

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: fw: fix memory leak in debugfs Fix a memory leak that occurs when reading the fw_info file all the way, since we return NULL indicating no more data, but don't free the status tracking object.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-09-18
Last Modified
2025-12-11
Generated
2026-06-16
AI Q&A
2025-09-18
EPSS Evaluated
2026-06-14
NVD
CVE-2023-53422
Affected Vendors & Products
Showing 5 associated CPEs
Vendor Product Version / Range
linux linux_kernel From 5.8 (inc) to 5.10.180 (exc)
linux linux_kernel From 5.11 (inc) to 5.15.111 (exc)
linux linux_kernel From 5.16 (inc) to 6.1.28 (exc)
linux linux_kernel From 6.2 (inc) to 6.2.15 (exc)
linux linux_kernel From 6.3 (inc) to 6.3.2 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-401 The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is a memory leak in the Linux kernel's iwlwifi driver firmware debugfs interface. Specifically, when reading the fw_info file completely, the code returns NULL to indicate no more data but fails to free the associated status tracking object, causing a memory leak.

Impact Analysis

The memory leak can lead to increased memory usage over time, potentially degrading system performance or causing resource exhaustion if the fw_info file is read repeatedly without a system restart or memory cleanup.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2023-53422. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart