CVE-2023-54136Missing Release of Memory after Effective Lifetime in Linux

CWE-401Missing Release of Memory after Effective Lifetime7 documents6 sources
Severity
5.8MEDIUM
No vector
EPSS
0.0%
top 89.30%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedDec 24

Description

In the Linux kernel, the following vulnerability has been resolved: serial: sprd: Fix DMA buffer leak issue Release DMA buffer when _probe() returns failure to avoid memory leak.

Affected Packages4 packages

Linuxlinux/linux_kernel5.2.05.4.257+5
Debianlinux/linux_kernel< 5.10.197-1+3
CVEListV5linux/linuxf4487db58eb780a52d768f3b36aaaa8fd5839215c65be6ad55e5e45f8c4e40e1d8d7fe0e21b26e77+7
debiandebian/linux< linux 6.1.55-1 (bookworm)

🔴Vulnerability Details

3
OSV
serial: sprd: Fix DMA buffer leak issue2025-12-24
OSV
CVE-2023-54136: In the Linux kernel, the following vulnerability has been resolved: serial: sprd: Fix DMA buffer leak issue Release DMA buffer when _probe() returns f2025-12-24
GHSA
GHSA-rxqc-v8m6-3ph4: In the Linux kernel, the following vulnerability has been resolved: serial: sprd: Fix DMA buffer leak issue Release DMA buffer when _probe() returns2025-12-24

📋Vendor Advisories

2
Red Hat
kernel: serial: sprd: Fix DMA buffer leak issue2025-12-24
Debian
CVE-2023-54136: linux - In the Linux kernel, the following vulnerability has been resolved: serial: spr...2023

🕵️Threat Intelligence

1
Wiz
CVE-2023-54136 Impact, Exploitability, and Mitigation Steps | Wiz