CVE-2023-52936: 
Linux Kernel vulnerability analysis and mitigation

CVE-2023-52936 is a memory leak vulnerability discovered in the Linux kernel's irq/irqdomain.c component. The vulnerability was disclosed on March 27, 2025, affecting various Linux kernel versions. The issue occurs when calling debugfs_lookup() without properly calling dput() on the result, causing memory to leak over time (NVD).

The vulnerability exists in the kernel/irq/irqdomain.c file where the debugfslookup() function is called without properly releasing the memory using dput(). This oversight causes a gradual memory leak as the system continues to operate. The fix involves replacing the problematic code with debugfslookupandremove() which handles all the cleanup logic automatically (NVD).

The vulnerability can lead to memory leaks in affected Linux systems over time, potentially impacting system performance and stability. The CVSS severity rating is 5.5, indicating a medium severity issue with local attack vector and low attack complexity (Rapid7).

The vulnerability has been fixed in various Linux distributions. Ubuntu has released patches for multiple versions including Ubuntu 22.04 LTS (linux 5.15.0-72.79), Ubuntu 20.04 LTS with linux-hwe-5.15 (5.15.0-72.79~20.04.1), and other affected packages (Ubuntu). Users are advised to update their systems to the patched versions.