CVE-2023-53353 - Vulnerability Details - OpenCVE

In the Linux kernel, the following vulnerability has been resolved: accel/habanalabs: postpone mem_mgr IDR destruction to hpriv_release() The memory manager IDR is currently destroyed when user releases the file descriptor. However, at this point the user context might be still held, and memory buffers might be still in use. Later on, calls to release those buffers will fail due to not finding their handles in the IDR, leading to a memory leak. To avoid this leak, split the IDR destruction from the memory manager fini, and postpone it to hpriv_release() when there is no user context and no buffers are used.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

No data.

No data.

No data.

References

Link	Providers
https://git.kernel.org/stable/c/2e8e9a895c4589f124a37fc84d123b5114406e94
https://git.kernel.org/stable/c/840de329ca99cafd0cdde9c6ac160b1330942aba

History

Wed, 17 Sep 2025 15:00:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: accel/habanalabs: postpone mem_mgr IDR destruction to hpriv_release() The memory manager IDR is currently destroyed when user releases the file descriptor. However, at this point the user context might be still held, and memory buffers might be still in use. Later on, calls to release those buffers will fail due to not finding their handles in the IDR, leading to a memory leak. To avoid this leak, split the IDR destruction from the memory manager fini, and postpone it to hpriv_release() when there is no user context and no buffers are used.
Title		accel/habanalabs: postpone mem_mgr IDR destruction to hpriv_release()
References		https://git.kernel.org/stable/c/2e8e9a895c4589f124a37fc84d123b5114406e94 https://git.kernel.org/stable/c/840de329ca99cafd0cdde9c6ac160b1330942aba

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-09-17T14:56:43.543Z

Updated: 2025-09-17T14:56:43.543Z

Reserved: 2025-09-16T16:08:59.567Z

Link: CVE-2023-53353

Vulnrichment

No data.

NVD

Status : Received

Published: 2025-09-17T15:15:39.293

Modified: 2025-09-17T15:15:39.293

Link: CVE-2023-53353

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-53353", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-09-16T16:08:59.567Z", "datePublished": "2025-09-17T14:56:43.543Z", "dateUpdated": "2025-09-17T14:56:43.543Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-09-17T14:56:43.543Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\naccel/habanalabs: postpone mem_mgr IDR destruction to hpriv_release()\n\nThe memory manager IDR is currently destroyed when user releases the\nfile descriptor.\nHowever, at this point the user context might be still held, and memory\nbuffers might be still in use.\nLater on, calls to release those buffers will fail due to not finding\ntheir handles in the IDR, leading to a memory leak.\nTo avoid this leak, split the IDR destruction from the memory manager\nfini, and postpone it to hpriv_release() when there is no user context\nand no buffers are used."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/accel/habanalabs/common/device.c", "drivers/accel/habanalabs/common/habanalabs.h", "drivers/accel/habanalabs/common/habanalabs_drv.c", "drivers/accel/habanalabs/common/memory_mgr.c"], "versions": [{"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "840de329ca99cafd0cdde9c6ac160b1330942aba", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "2e8e9a895c4589f124a37fc84d123b5114406e94", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/accel/habanalabs/common/device.c", "drivers/accel/habanalabs/common/habanalabs.h", "drivers/accel/habanalabs/common/habanalabs_drv.c", "drivers/accel/habanalabs/common/memory_mgr.c"], "versions": [{"version": "6.3.4", "lessThanOrEqual": "6.3.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.4", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.3.4"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.4"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/840de329ca99cafd0cdde9c6ac160b1330942aba"}, {"url": "https://git.kernel.org/stable/c/2e8e9a895c4589f124a37fc84d123b5114406e94"}], "title": "accel/habanalabs: postpone mem_mgr IDR destruction to hpriv_release()", "x_generator": {"engine": "bippy-1.2.0"}}}}