CVE-2023-53637 in Linux
Summary
by MITRE • 10/07/2025
In the Linux kernel, the following vulnerability has been resolved:
media: i2c: ov772x: Fix memleak in ov772x_probe()
A memory leak was reported when testing ov772x with bpf mock device:
AssertionError: unreferenced object 0xffff888109afa7a8 (size 8): comm "python3", pid 279, jiffies 4294805921 (age 20.681s) hex dump (first 8 bytes): 80 22 88 15 81 88 ff ff ."...... backtrace: [<000000009990b438>] __kmalloc_node+0x44/0x1b0
[<000000009e32f7d7>] kvmalloc_node+0x34/0x180
[<00000000faf48134>] v4l2_ctrl_handler_init_class+0x11d/0x180 [videodev]
[<00000000da376937>] ov772x_probe+0x1c3/0x68c [ov772x]
[<000000003f0d225e>] i2c_device_probe+0x28d/0x680
[<00000000e0b6db89>] really_probe+0x17c/0x3f0
[<000000001b19fcee>] __driver_probe_device+0xe3/0x170
[<0000000048370519>] driver_probe_device+0x49/0x120
[<000000005ead07a0>] __device_attach_driver+0xf7/0x150
[<0000000043f452b8>] bus_for_each_drv+0x114/0x180
[<00000000358e5596>] __device_attach+0x1e5/0x2d0
[<0000000043f83c5d>] bus_probe_device+0x126/0x140
[<00000000ee0f3046>] device_add+0x810/0x1130
[<00000000e0278184>] i2c_new_client_device+0x359/0x4f0
[<0000000070baf34f>] of_i2c_register_device+0xf1/0x110
[<00000000a9f2159d>] of_i2c_notify+0x100/0x160
unreferenced object 0xffff888119825c00 (size 256): comm "python3", pid 279, jiffies 4294805921 (age 20.681s) hex dump (first 32 bytes): 00 b4 a5 17 81 88 ff ff 00 5e 82 19 81 88 ff ff .........^...... 10 5c 82 19 81 88 ff ff 10 5c 82 19 81 88 ff ff .\.......\...... backtrace: [<000000009990b438>] __kmalloc_node+0x44/0x1b0
[<000000009e32f7d7>] kvmalloc_node+0x34/0x180
[<0000000073d88e0b>] v4l2_ctrl_new.cold+0x19b/0x86f [videodev]
[<00000000b1f576fb>] v4l2_ctrl_new_std+0x16f/0x210 [videodev]
[<00000000caf7ac99>] ov772x_probe+0x1fa/0x68c [ov772x]
[<000000003f0d225e>] i2c_device_probe+0x28d/0x680
[<00000000e0b6db89>] really_probe+0x17c/0x3f0
[<000000001b19fcee>] __driver_probe_device+0xe3/0x170
[<0000000048370519>] driver_probe_device+0x49/0x120
[<000000005ead07a0>] __device_attach_driver+0xf7/0x150
[<0000000043f452b8>] bus_for_each_drv+0x114/0x180
[<00000000358e5596>] __device_attach+0x1e5/0x2d0
[<0000000043f83c5d>] bus_probe_device+0x126/0x140
[<00000000ee0f3046>] device_add+0x810/0x1130
[<00000000e0278184>] i2c_new_client_device+0x359/0x4f0
[<0000000070baf34f>] of_i2c_register_device+0xf1/0x110
The reason is that if priv->hdl.error is set, ov772x_probe() jumps to the error_mutex_destroy without doing v4l2_ctrl_handler_free(), and all resources allocated in v4l2_ctrl_handler_init() and v4l2_ctrl_new_std() are leaked.
VulDB is the best source for vulnerability data and more expert information about this specific topic.
Analysis
by VulDB Data Team • 03/01/2026
The vulnerability CVE-2023-53637 represents a memory leak in the Linux kernel's v4l2 driver for the ov772x camera sensor. This issue occurs within the i2c media subsystem and specifically affects the ov772x_probe function which handles device initialization. The flaw manifests when the driver encounters an error condition during probe execution, causing improper resource cleanup and subsequent memory leaks. The vulnerability was identified through testing with bpf mock devices and reported via kernel memory debugging tools that detected unreferenced objects.
The technical root cause stems from improper error handling within the ov772x_probe function where the driver fails to properly clean up v4l2 control handler resources when an error condition is detected. When priv->hdl.error is set during the probe process, the code branches to error_mutex_destroy without executing v4l2_ctrl_handler_free(), which would normally release all memory allocated by v4l2_ctrl_handler_init() and v4l2_ctrl_new_std() functions. This creates a classic memory leak scenario where kernel memory remains allocated but unreferenced, leading to gradual memory consumption over time. The backtrace shows the allocation path originating from v4l2_ctrl_handler_init_class and v4l2_ctrl_new_std functions, both part of the videodev kernel module that manages video control interfaces.
This vulnerability impacts system stability and resource utilization in embedded systems and devices running Linux kernels with the affected v4l2 driver. The memory leaks can accumulate over time, particularly in systems that frequently probe and unprobe camera devices, potentially leading to system performance degradation or memory exhaustion. The issue affects devices using the ov772x sensor through i2c interfaces, which are common in embedded systems, automotive applications, and various multimedia devices. The vulnerability is classified as a memory leak under CWE-401 and aligns with ATT&CK technique T1070.004 for Indicator Removal on Host, as the leaked memory represents a resource that could be exploited to reduce system availability through resource exhaustion.
Mitigation strategies include applying the kernel patch that ensures proper cleanup of v4l2 control handler resources regardless of error conditions during device probe operations. System administrators should update to kernel versions containing the fix, which typically involves modifying the ov772x_probe function to always call v4l2_ctrl_handler_free() before exiting error paths. Additionally, monitoring for memory leaks in systems using v4l2 camera drivers can help detect potential exploitation attempts. The patch implementation ensures that error handling paths properly release all allocated resources, preventing the accumulation of unreferenced kernel memory objects. Organizations should prioritize kernel updates and implement monitoring solutions to detect anomalous memory usage patterns that might indicate exploitation attempts.