CVE-2023-54017
Memory Leak in Linux powerpc/pseries ibmebus_bus_init() Function
Publication date: 2025-12-24
Last updated on: 2025-12-24
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a possible memory leak in the Linux kernel's powerpc/pseries subsystem, specifically in the ibmebus_bus_init() function. When device_register() returns an error during initialization, the name of a kobject allocated in dev_set_name() is not properly freed because the expected call to put_device() to drop the reference count does not occur. This causes the allocated memory for the kobject's name to be leaked.
How can this vulnerability impact me? :
The impact of this vulnerability is a memory leak in the Linux kernel, which could lead to increased memory usage over time and potentially degrade system performance or stability if the leak is significant or occurs repeatedly.
What immediate steps should I take to mitigate this vulnerability?
Apply the patch or update to the Linux kernel version that includes the fix for the memory leak in ibmebus_bus_init() as described. This will ensure that device_register() errors properly release allocated resources and prevent memory leaks.