CVE-2023-53385 – This CVE describes a resource leak vulnerabilit... (How to Fix)

Q: What is the severity of CVE-2023-53385?

CVE-2023-53385 has a CVSS score of 5.5 (MEDIUM). This CVE describes a resource leak vulnerability in the Linux kernel's media subsystem. When the of_find_device_by_node function fails to properly release device objects, it can lead to memory exhaustion over time. This affects any Linux system using the mdp3 media driver.

📋 TL;DR

This CVE describes a resource leak vulnerability in the Linux kernel's media subsystem. When the of_find_device_by_node function fails to properly release device objects, it can lead to memory exhaustion over time. This affects any Linux system using the mdp3 media driver.

💻 Affected Systems

Products:

Linux kernel

Versions: Specific affected kernel versions not specified in CVE description; check git commits for exact ranges

Operating Systems: Linux distributions using vulnerable kernel versions

Default Config Vulnerable: ⚠️ Yes

Notes: Only affects systems using the mdp3 media driver. Most standard Linux installations may not have this driver loaded by default.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Sustained exploitation could lead to kernel memory exhaustion, causing system instability, denial of service, or potential kernel crashes.

🟠

Likely Case

Gradual memory leak leading to degraded system performance over time, potentially requiring system reboots to restore normal operation.

🟢

If Mitigated

With proper memory monitoring and regular patching, impact is limited to occasional performance degradation that can be managed through maintenance.

🌐 Internet-Facing: LOW - This is a local kernel vulnerability requiring local access or existing system compromise to trigger.

🏢 Internal Only: MEDIUM - Internal users or processes with appropriate permissions could trigger the vulnerability, potentially affecting system stability.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Exploitation requires triggering the vulnerable code path in the mdp3 driver, which may require specific hardware or driver configuration.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Kernel versions containing commits 35ca8ce495366909b4c2e701d1356570dd40c4e2, 8ba9d91c8f21f070af2049f114c206a8f2d5c71e, or fa481125bc4ca8edc1a4c62fe53486ac9a817593

Vendor Advisory: https://git.kernel.org/stable/c/35ca8ce495366909b4c2e701d1356570dd40c4e2

Restart Required: Yes

Instructions:

1. Update Linux kernel to patched version. 2. Reboot system to load new kernel. 3. Verify mdp3 driver is not leaking resources.

🔧 Temporary Workarounds

Disable mdp3 driver

Linux

Prevent loading of vulnerable driver module

echo 'blacklist mdp3' >> /etc/modprobe.d/blacklist.conf
rmmod mdp3

🧯 If You Can't Patch

Monitor system memory usage for unusual increases
Implement regular system reboots to clear accumulated memory leaks

🔍 How to Verify

Check if Vulnerable:

Check if mdp3 driver is loaded: lsmod | grep mdp3

Check Version:

uname -r

Verify Fix Applied:

Check kernel version includes fix commits: uname -r and verify against patched versions

📡 Detection & Monitoring

Log Indicators:

Kernel oom-killer messages
Increasing memory usage in system logs
Driver initialization failures

Network Indicators:

None - local vulnerability only

SIEM Query:

source="kernel" AND ("out of memory" OR "oom-killer" OR "mdp3")

📊 Metadata

CVE ID: CVE-2023-53385

CVSS v3 Score: 5.5 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE: CWE-401

EPSS Score: 0.01% exploit probability (1.3th percentile)

Published: September 18, 2025

Last Updated: January 14, 2026

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2023-53385, you might also want to check these: