Unrated severityNVD Advisory· Published Mar 27, 2025· Updated Oct 1, 2025

drm/i915: Fix a memory leak with reused mmap_offset

CVE-2023-53002

Description

In the Linux kernel, the following vulnerability has been resolved:

drm_vma_node_allow() and drm_vma_node_revoke() should be called in balanced pairs. We call drm_vma_node_allow() once per-file everytime a user calls mmap_offset, but only call drm_vma_node_revoke once per-file on each mmap_offset. As the mmap_offset is reused by the client, the per-file vm_count may remain non-zero and the rbtree leaked.

Call drm_vma_node_allow_once() instead to prevent that memory leak.

Affected products

Linux/Kernelllm-fuzzy
osv-coords35 versions
pkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOS pkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSS pkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSS pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOS pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSS pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Micro%205.5 pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSS pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOS pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSS pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Micro%205.5 pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSS pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5 pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOS pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSS pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSS pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5 pkg:rpm/suse/kernel-livepatch-SLE15-SP5_Update_26&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5 pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOS pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSS pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSS pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5 pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.5 pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOS pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSS pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Micro%205.5 pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSS pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5 pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.5 pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOS pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSS pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSS pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5 pkg:rpm/suse/kernel-zfcpdump&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSS
< 5.14.21-150500.55.103.1+ 34 more
- (no CPE)range: < 5.14.21-150500.55.103.1
- (no CPE)range: < 5.14.21-150500.55.103.1
- (no CPE)range: < 5.14.21-150500.55.103.1
- (no CPE)range: < 5.14.21-150500.55.103.1.150500.6.49.1
- (no CPE)range: < 5.14.21-150500.55.103.1.150500.6.49.1
- (no CPE)range: < 5.14.21-150500.55.103.1.150500.6.49.1
- (no CPE)range: < 5.14.21-150500.55.103.1.150500.6.49.1
- (no CPE)range: < 5.14.21-150500.55.103.1.150500.6.49.1
- (no CPE)range: < 5.14.21-150500.55.103.1
- (no CPE)range: < 5.14.21-150500.55.103.1
- (no CPE)range: < 5.14.21-150500.55.103.1
- (no CPE)range: < 5.14.21-150500.55.103.1
- (no CPE)range: < 5.14.21-150500.55.103.1
- (no CPE)range: < 5.14.21-150500.55.103.1
- (no CPE)range: < 5.14.21-150500.55.103.1
- (no CPE)range: < 5.14.21-150500.55.103.1
- (no CPE)range: < 5.14.21-150500.55.103.1
- (no CPE)range: < 5.14.21-150500.55.103.1
- (no CPE)range: < 1-150500.11.3.1
- (no CPE)range: < 5.14.21-150500.55.103.1
- (no CPE)range: < 5.14.21-150500.55.103.1
- (no CPE)range: < 5.14.21-150500.55.103.1
- (no CPE)range: < 5.14.21-150500.55.103.1
- (no CPE)range: < 5.14.21-150500.13.94.1
- (no CPE)range: < 5.14.21-150500.55.103.1
- (no CPE)range: < 5.14.21-150500.55.103.1
- (no CPE)range: < 5.14.21-150500.55.103.1
- (no CPE)range: < 5.14.21-150500.55.103.1
- (no CPE)range: < 5.14.21-150500.55.103.1
- (no CPE)range: < 5.14.21-150500.13.94.1
- (no CPE)range: < 5.14.21-150500.55.103.1
- (no CPE)range: < 5.14.21-150500.55.103.1
- (no CPE)range: < 5.14.21-150500.55.103.1
- (no CPE)range: < 5.14.21-150500.55.103.1
- (no CPE)range: < 5.14.21-150500.55.103.1
Linux/Linuxcpe-rescue
Range: 5.7

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000