CVE-2023-54017
Unknown Unknown - Not Provided

Memory Leak in Linux powerpc/pseries ibmebus_bus_init() Function

Vulnerability report for CVE-2023-54017, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2025-12-24

Last updated on: 2025-12-24

Assigner: kernel.org

Description

In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: fix possible memory leak in ibmebus_bus_init() If device_register() returns error in ibmebus_bus_init(), name of kobject which is allocated in dev_set_name() called in device_add() is leaked. As comment of device_add() says, it should call put_device() to drop the reference count that was set in device_initialize() when it fails, so the name can be freed in kobject_cleanup().

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2025-12-24
Last Modified
2025-12-24
Generated
2026-07-06
AI Q&A
2025-12-24
EPSS Evaluated
2026-07-05
NVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
linux linux_kernel *

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability is a possible memory leak in the Linux kernel's powerpc/pseries subsystem, specifically in the ibmebus_bus_init() function. When device_register() returns an error during initialization, the name of a kobject allocated in dev_set_name() is not properly freed because the expected call to put_device() to drop the reference count does not occur. This causes the allocated memory for the kobject's name to be leaked.

Impact Analysis

The impact of this vulnerability is a memory leak in the Linux kernel, which could lead to increased memory usage over time and potentially degrade system performance or stability if the leak is significant or occurs repeatedly.

Mitigation Strategies

Apply the patch or update to the Linux kernel version that includes the fix for the memory leak in ibmebus_bus_init() as described. This will ensure that device_register() errors properly release allocated resources and prevent memory leaks.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2023-54017. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart