CVE-2023-54183
Resource Leak in Linux Kernel v4l2-core Media Component
Publication date: 2025-12-30
Last updated on: 2025-12-30
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | kernel | * |
| linux | linux_kernel | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a potential resource leak in the Linux kernel's media subsystem, specifically in the v4l2-core component within the function v4l2_fwnode_parse_link(). The issue arises when the function fwnode_graph_get_remote_endpoint() fails and returns NULL, causing the subsequent call to fwnode_handle_put() to be ineffective. Additionally, failures in fwnode_graph_get_port_parent() were not properly handled. The fix involves adding proper error handling and releasing references correctly to prevent resource leaks.
How can this vulnerability impact me? :
This vulnerability can lead to resource leaks in the Linux kernel's media subsystem, which may cause increased memory usage or system instability over time if the resources are not properly released. While it does not directly indicate remote code execution or privilege escalation, resource leaks can degrade system performance or reliability.