SB2025100811 - Memory leak in Linux kernel clk driver
Published: October 8, 2025 Updated: October 27, 2025
Security Bulletin ID
SB2025100811
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Memory leak (CVE-ID: CVE-2023-53674)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the devm_clk_notifier_register() function in drivers/clk/clk.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/49451db71b746df990888068961f1033f7c9b734
- https://git.kernel.org/stable/c/7fb933e56f77a57ef7cfc59fc34cbbf1b1fa31ff
- https://git.kernel.org/stable/c/a326cf0107b197e649bbaa2a2b1355894826ce32
- https://git.kernel.org/stable/c/cb1b04fd4283fc8f9acefe0ddc61ba072ed44877
- https://git.kernel.org/stable/c/efbbda79b2881a04dcd0e8f28634933d79e17e49
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.4.4