{"id":"CVE-2023-53453","summary":"drm/radeon: free iio for atombios when driver shutdown","details":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/radeon: free iio for atombios when driver shutdown\n\nFix below kmemleak when unload radeon driver:\n\nunreferenced object 0xffff9f8608ede200 (size 512):\n  comm \"systemd-udevd\", pid 326, jiffies 4294682822 (age 716.338s)\n  hex dump (first 32 bytes):\n    00 00 00 00 c4 aa ec aa 14 ab 00 00 00 00 00 00  ................\n    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................\n  backtrace:\n    [\u003c0000000062fadebe\u003e] kmem_cache_alloc_trace+0x2f1/0x500\n    [\u003c00000000b6883cea\u003e] atom_parse+0x117/0x230 [radeon]\n    [\u003c00000000158c23fd\u003e] radeon_atombios_init+0xab/0x170 [radeon]\n    [\u003c00000000683f672e\u003e] si_init+0x57/0x750 [radeon]\n    [\u003c00000000566cc31f\u003e] radeon_device_init+0x559/0x9c0 [radeon]\n    [\u003c0000000046efabb3\u003e] radeon_driver_load_kms+0xc1/0x1a0 [radeon]\n    [\u003c00000000b5155064\u003e] drm_dev_register+0xdd/0x1d0\n    [\u003c0000000045fec835\u003e] radeon_pci_probe+0xbd/0x100 [radeon]\n    [\u003c00000000e69ecca3\u003e] pci_device_probe+0xe1/0x160\n    [\u003c0000000019484b76\u003e] really_probe.part.0+0xc1/0x2c0\n    [\u003c000000003f2649da\u003e] __driver_probe_device+0x96/0x130\n    [\u003c00000000231c5bb1\u003e] driver_probe_device+0x24/0xf0\n    [\u003c0000000000a42377\u003e] __driver_attach+0x77/0x190\n    [\u003c00000000d7574da6\u003e] bus_for_each_dev+0x7f/0xd0\n    [\u003c00000000633166d2\u003e] driver_attach+0x1e/0x30\n    [\u003c00000000313b05b8\u003e] bus_add_driver+0x12c/0x1e0\n\niio was allocated in atom_index_iio() called by atom_parse(),\nbut it doesn't got released when the dirver is shutdown.\nFix this kmemleak by free it in radeon_atombios_fini().","modified":"2026-04-11T12:46:47.880489Z","published":"2025-10-01T11:42:24.649Z","related":["SUSE-SU-2025:03615-1","SUSE-SU-2025:03628-1","SUSE-SU-2025:3716-1","SUSE-SU-2025:3761-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53453.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/107b8b542bb9dab4cbdc3276c85fbdd7f6782313"},{"type":"WEB","url":"https://git.kernel.org/stable/c/4773fadedca918faec443daaca5e4ea1c0ced144"},{"type":"WEB","url":"https://git.kernel.org/stable/c/9cdb96b55651c92fc949cfd54124406c3c912b6b"},{"type":"WEB","url":"https://git.kernel.org/stable/c/cb109cedbba11c33473e6780c256d8442a9e4460"},{"type":"WEB","url":"https://git.kernel.org/stable/c/cda2f7efbc2d857220dad32e315a54565b285c1c"},{"type":"WEB","url":"https://git.kernel.org/stable/c/ce9e9d3dcbb0d1551ffd1a7f16e7c051f3ba4140"},{"type":"WEB","url":"https://git.kernel.org/stable/c/e2791f2f4d1d804e45fa91b14295c326b64c65f1"},{"type":"WEB","url":"https://git.kernel.org/stable/c/f9f55fc64928b5e30d78f861c5fc76db9e769ebb"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53453.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-53453"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"771fe6b912fca54f03e8a72eb63058b582775362"},{"fixed":"cb109cedbba11c33473e6780c256d8442a9e4460"},{"fixed":"9cdb96b55651c92fc949cfd54124406c3c912b6b"},{"fixed":"f9f55fc64928b5e30d78f861c5fc76db9e769ebb"},{"fixed":"ce9e9d3dcbb0d1551ffd1a7f16e7c051f3ba4140"},{"fixed":"cda2f7efbc2d857220dad32e315a54565b285c1c"},{"fixed":"107b8b542bb9dab4cbdc3276c85fbdd7f6782313"},{"fixed":"e2791f2f4d1d804e45fa91b14295c326b64c65f1"},{"fixed":"4773fadedca918faec443daaca5e4ea1c0ced144"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53453.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"2.6.31"},{"fixed":"4.14.308"}]},{"type":"ECOSYSTEM","events":[{"introduced":"4.15.0"},{"fixed":"4.19.276"}]},{"type":"ECOSYSTEM","events":[{"introduced":"4.20.0"},{"fixed":"5.4.235"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.5.0"},{"fixed":"5.10.173"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.11.0"},{"fixed":"5.15.99"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.16.0"},{"fixed":"6.1.16"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.2.0"},{"fixed":"6.2.3"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53453.json"}}],"schema_version":"1.7.5"}