ghsa-6pw4-v52h-38vj
Vulnerability from github
Published
2025-09-17 15:30
Modified
2025-09-17 15:30
Details

In the Linux kernel, the following vulnerability has been resolved:

accel/habanalabs: postpone mem_mgr IDR destruction to hpriv_release()

The memory manager IDR is currently destroyed when user releases the file descriptor. However, at this point the user context might be still held, and memory buffers might be still in use. Later on, calls to release those buffers will fail due to not finding their handles in the IDR, leading to a memory leak. To avoid this leak, split the IDR destruction from the memory manager fini, and postpone it to hpriv_release() when there is no user context and no buffers are used.

Show details on source website

To clipboard 

{
  "affected": [],
  "aliases": [
    "CVE-2023-53353"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-09-17T15:15:39Z",
    "severity": null
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\naccel/habanalabs: postpone mem_mgr IDR destruction to hpriv_release()\n\nThe memory manager IDR is currently destroyed when user releases the\nfile descriptor.\nHowever, at this point the user context might be still held, and memory\nbuffers might be still in use.\nLater on, calls to release those buffers will fail due to not finding\ntheir handles in the IDR, leading to a memory leak.\nTo avoid this leak, split the IDR destruction from the memory manager\nfini, and postpone it to hpriv_release() when there is no user context\nand no buffers are used.",
  "id": "GHSA-6pw4-v52h-38vj",
  "modified": "2025-09-17T15:30:38Z",
  "published": "2025-09-17T15:30:38Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53353"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/2e8e9a895c4589f124a37fc84d123b5114406e94"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/840de329ca99cafd0cdde9c6ac160b1330942aba"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.