CVE-2023-54230
Unknown Unknown - Not Provided
Reference Count Leak in Linux Kernel AMBA Bus Driver

Publication date: 2025-12-30

Last updated on: 2025-12-30

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: amba: bus: fix refcount leak commit 5de1540b7bc4 ("drivers/amba: create devices from device tree") increases the refcount of of_node, but not releases it in amba_device_release, so there is refcount leak. By using of_node_put to avoid refcount leak.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-30
Last Modified
2025-12-30
Generated
2026-06-16
AI Q&A
2025-12-30
EPSS Evaluated
2026-06-15
NVD
CVE-2023-54230
EUVD
EUVD-2023-60411
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
linux linux_kernel *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is a reference count leak in the Linux kernel's AMBA bus driver. Specifically, the code increases the reference count of an of_node object when creating devices from the device tree but fails to release it properly in the amba_device_release function. This leads to a reference count leak, which was fixed by using of_node_put to correctly release the reference.

Impact Analysis

The reference count leak can lead to resource leaks in the kernel, potentially causing increased memory usage or instability over time. This could degrade system performance or reliability, especially in systems heavily using the AMBA bus devices.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2023-54230. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart