CVE-2023-53518

low-risk

Published 2025-10-01

In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: Fix leak in devfreq_dev_release() srcu_init_notifier_head() allocates resources that need to be released with a srcu_cleanup_notifier_head() call. Reported by kmemleak.

Do I need to act?

0.01% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 5.5/10 Medium

LOCAL / LOW complexity

Affected Products (1)

Linux Kernel

Affected Vendors

Linux

References (9)

Patch https://git.kernel.org/stable/c/111bafa210ae546bee7644be730c42df9c35b66e

Patch https://git.kernel.org/stable/c/1640e9c72173911ad0fddb05012c01eafe082c4e

Patch https://git.kernel.org/stable/c/29811f4b8255d4238cf326f3bb7129784766beab

Patch https://git.kernel.org/stable/c/3354c401c68d70567d1ef25d12f4e22a7813a3c6

Patch https://git.kernel.org/stable/c/5693d077595de721f9ddbf9d37f40e5409707dfe

Patch https://git.kernel.org/stable/c/64e6e0dc2d578c0a9e31cb4edd719f0a3ed98f6d

Patch https://git.kernel.org/stable/c/7462483446cb9986568ad7adae746ce5f18d2968

Patch https://git.kernel.org/stable/c/8918025feb2f5f7c73f2495c158f22997e25cb02

Patch https://git.kernel.org/stable/c/ab192e5e5d3b48415909a8408acfd007a607bcc0

/ 100

low-risk

Severity 18/34 · Moderate

Exploitability 0/34 · Minimal

Exposure 5/34 · Minimal