CVE-2023-54230Improper Update of Reference Count in Linux

CWE-911Improper Update of Reference Count7 documents6 sources
Severity
3.3LOW
No vector
EPSS
0.0%
top 84.94%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedDec 30

Description

In the Linux kernel, the following vulnerability has been resolved: amba: bus: fix refcount leak commit 5de1540b7bc4 ("drivers/amba: create devices from device tree") increases the refcount of of_node, but not releases it in amba_device_release, so there is refcount leak. By using of_node_put to avoid refcount leak.

Affected Packages4 packages

Linuxlinux/linux_kernel3.1.04.14.326+7
Debianlinux/linux_kernel< 5.10.197-1+3
CVEListV5linux/linux5de1540b7bc4c23470f86add1e517be41e7fefe294e398df32e850f26828690ee62f7441979583cc+9
debiandebian/linux< linux 6.1.55-1 (bookworm)

🔴Vulnerability Details

3
GHSA
GHSA-9qf5-c4fq-57p4: In the Linux kernel, the following vulnerability has been resolved: amba: bus: fix refcount leak commit 5de1540b7bc4 ("drivers/amba: create devices2025-12-30
OSV
amba: bus: fix refcount leak2025-12-30
OSV
CVE-2023-54230: In the Linux kernel, the following vulnerability has been resolved: amba: bus: fix refcount leak commit 5de1540b7bc4 ("drivers/amba: create devices fr2025-12-30

📋Vendor Advisories

2
Red Hat
kernel: amba: bus: fix refcount leak2025-12-30
Debian
CVE-2023-54230: linux - In the Linux kernel, the following vulnerability has been resolved: amba: bus: ...2023

🕵️Threat Intelligence

1
Wiz
CVE-2023-54230 Impact, Exploitability, and Mitigation Steps | Wiz