CVE-2023-54259Improper Update of Reference Count in Linux

CWE-911Improper Update of Reference Count7 documents6 sources
Severity
5.5MEDIUM
No vector
EPSS
0.0%
top 93.24%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedDec 30

Description

In the Linux kernel, the following vulnerability has been resolved: soundwire: bus: Fix unbalanced pm_runtime_put() causing usage count underflow This reverts commit 443a98e649b4 ("soundwire: bus: use pm_runtime_resume_and_get()") Change calls to pm_runtime_resume_and_get() back to pm_runtime_get_sync(). This fixes a usage count underrun caused by doing a pm_runtime_put() even though pm_runtime_resume_and_get() returned an error. The three affected functions ignore -EACCES error from trying

Affected Packages4 packages

Linuxlinux/linux_kernel5.19.06.1.30+1
Debianlinux/linux_kernel< 6.1.37-1+2
CVEListV5linux/linux443a98e649b469b4e6a2832799853a5764ef90024e5e9da139c007dfc397a159093b4c4187ee67fa+3
debiandebian/linux< linux 6.1.37-1 (bookworm)

🔴Vulnerability Details

3
OSV
CVE-2023-54259: In the Linux kernel, the following vulnerability has been resolved: soundwire: bus: Fix unbalanced pm_runtime_put() causing usage count underflow This2025-12-30
GHSA
GHSA-qq6g-5658-hpx2: In the Linux kernel, the following vulnerability has been resolved: soundwire: bus: Fix unbalanced pm_runtime_put() causing usage count underflow Th2025-12-30
OSV
soundwire: bus: Fix unbalanced pm_runtime_put() causing usage count underflow2025-12-30

📋Vendor Advisories

2
Red Hat
kernel: soundwire: bus: Fix unbalanced pm_runtime_put() causing usage count underflow2025-12-30
Debian
CVE-2023-54259: linux - In the Linux kernel, the following vulnerability has been resolved: soundwire: ...2023

🕵️Threat Intelligence

1
Wiz
CVE-2023-54259 Impact, Exploitability, and Mitigation Steps | Wiz