CVE-2023-53330 - OpenCVE

In the Linux kernel, the following vulnerability has been resolved: caif: fix memory leak in cfctrl_linkup_request() When linktype is unknown or kzalloc failed in cfctrl_linkup_request(), pkt is not released. Add release process to error path.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel

No data.

References

Link	Providers
https://git.kernel.org/stable/c/1dddeceb26002cfea4c375e92ac6498768dc7349
https://git.kernel.org/stable/c/33df9c5d5e2a18c70f5f5f3c2757d654c1b6ffa3
https://git.kernel.org/stable/c/3acf3783a84cbdf0c9f8cf2f32ee9c49af93a2da
https://git.kernel.org/stable/c/3ad47c8aa5648226184415e4a0cb1bf67ffbfd48
https://git.kernel.org/stable/c/84b2cc7b36b7f6957d307fb3d01603f93cb2d655
https://git.kernel.org/stable/c/badea57569db04b010e922e29a7aaf40a979a70b
https://git.kernel.org/stable/c/dc1bc903970bdf63ca40ab923d3ccb765da9a8d9
https://git.kernel.org/stable/c/fe69230f05897b3de758427b574fc98025dfc907
https://lore.kernel.org/linux-cve-announce/2025091645-CVE-2023-53330-8d89@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2023-53330
https://www.cve.org/CVERecord?id=CVE-2023-53330

History

Wed, 17 Sep 2025 11:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Linux Linux linux Kernel
Vendors & Products		Linux Linux linux Kernel

Wed, 17 Sep 2025 00:15:00 +0000

Type	Values Removed	Values Added
References		https://lore.kernel.org/linux-cve-announce/2025091645-CVE-2023-53330-8d89@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2023-53330 https://www.cve.org/CVERecord?id=CVE-2023-53330
Metrics	threat_severity `None`	cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}` threat_severity `Moderate`

Tue, 16 Sep 2025 16:30:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: caif: fix memory leak in cfctrl_linkup_request() When linktype is unknown or kzalloc failed in cfctrl_linkup_request(), pkt is not released. Add release process to error path.
Title		caif: fix memory leak in cfctrl_linkup_request()
References		https://git.kernel.org/stable/c/1dddeceb26002cfea4c375e92ac6498768dc7349 https://git.kernel.org/stable/c/33df9c5d5e2a18c70f5f5f3c2757d654c1b6ffa3 https://git.kernel.org/stable/c/3acf3783a84cbdf0c9f8cf2f32ee9c49af93a2da https://git.kernel.org/stable/c/3ad47c8aa5648226184415e4a0cb1bf67ffbfd48 https://git.kernel.org/stable/c/84b2cc7b36b7f6957d307fb3d01603f93cb2d655 https://git.kernel.org/stable/c/badea57569db04b010e922e29a7aaf40a979a70b https://git.kernel.org/stable/c/dc1bc903970bdf63ca40ab923d3ccb765da9a8d9 https://git.kernel.org/stable/c/fe69230f05897b3de758427b574fc98025dfc907

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-09-16T16:12:06.005Z

Updated: 2025-09-16T16:12:06.005Z

Reserved: 2025-09-16T16:08:59.564Z

Link: CVE-2023-53330

Vulnrichment

No data.

NVD

Status : Awaiting Analysis

Published: 2025-09-16T17:15:39.313

Modified: 2025-09-17T14:18:55.093

Link: CVE-2023-53330

Redhat

Severity : Moderate

Publid Date: 2025-09-16T00:00:00Z

Links: CVE-2023-53330 - Bugzilla

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object