{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2023-53529","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2025-10-01T11:39:39.408Z","datePublished":"2025-10-01T11:46:14.358Z","dateUpdated":"2026-05-11T19:46:44.263Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-05-11T19:46:44.263Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtw88: Fix memory leak in rtw88_usb\n\nKmemleak shows the following leak arising from routine in the usb\nprobe routine:\n\nunreferenced object 0xffff895cb29bba00 (size 512):\n  comm \"(udev-worker)\", pid 534, jiffies 4294903932 (age 102751.088s)\n  hex dump (first 32 bytes):\n    77 30 30 30 00 00 00 00 02 2f 2d 2b 30 00 00 00  w000...../-+0...\n    02 00 2a 28 00 00 00 00 ff 55 ff ff ff 00 00 00  ..*(.....U......\n  backtrace:\n    [<ffffffff9265fa36>] kmalloc_trace+0x26/0x90\n    [<ffffffffc17eec41>] rtw_usb_probe+0x2f1/0x680 [rtw_usb]\n    [<ffffffffc03e19fd>] usb_probe_interface+0xdd/0x2e0 [usbcore]\n    [<ffffffff92b4f2fe>] really_probe+0x18e/0x3d0\n    [<ffffffff92b4f5b8>] __driver_probe_device+0x78/0x160\n    [<ffffffff92b4f6bf>] driver_probe_device+0x1f/0x90\n    [<ffffffff92b4f8df>] __driver_attach+0xbf/0x1b0\n    [<ffffffff92b4d350>] bus_for_each_dev+0x70/0xc0\n    [<ffffffff92b4e51e>] bus_add_driver+0x10e/0x210\n    [<ffffffff92b50935>] driver_register+0x55/0xf0\n    [<ffffffffc03e0708>] usb_register_driver+0x88/0x140 [usbcore]\n    [<ffffffff92401153>] do_one_initcall+0x43/0x210\n    [<ffffffff9254f42a>] do_init_module+0x4a/0x200\n    [<ffffffff92551d1c>] __do_sys_finit_module+0xac/0x120\n    [<ffffffff92ee6626>] do_syscall_64+0x56/0x80\n    [<ffffffff9300006a>] entry_SYSCALL_64_after_hwframe+0x46/0xb0\n\nThe leak was verified to be real by unloading the driver, which resulted\nin a dangling pointer to the allocation.\n\nThe allocated memory is freed in rtw_usb_intf_deinit()."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/net/wireless/realtek/rtw88/usb.c"],"versions":[{"version":"e3037485c68ec1a299ff41160d8fedbd4abc29b9","lessThan":"5bba1ad561a8b5bb14704d8f511cf10466336e3d","status":"affected","versionType":"git"},{"version":"e3037485c68ec1a299ff41160d8fedbd4abc29b9","lessThan":"59a3a312009723e3e5082899655fdcc420e2b47a","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/net/wireless/realtek/rtw88/usb.c"],"versions":[{"version":"5.2","status":"affected"},{"version":"0","lessThan":"5.2","status":"unaffected","versionType":"semver"},{"version":"6.3.4","lessThanOrEqual":"6.3.*","status":"unaffected","versionType":"semver"},{"version":"6.4","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.2","versionEndExcluding":"6.3.4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.2","versionEndExcluding":"6.4"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/5bba1ad561a8b5bb14704d8f511cf10466336e3d"},{"url":"https://git.kernel.org/stable/c/59a3a312009723e3e5082899655fdcc420e2b47a"}],"title":"wifi: rtw88: Fix memory leak in rtw88_usb","x_generator":{"engine":"bippy-1.2.0"}}}}