CVE-2023-54290
Unknown Unknown - Not Provided
Resource Leak in Linux Kernel Mediatek Thermal Driver

Publication date: 2025-12-30

Last updated on: 2025-12-30

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: thermal/drivers/mediatek: Use devm_of_iomap to avoid resource leak in mtk_thermal_probe Smatch reports: 1. mtk_thermal_probe() warn: 'apmixed_base' from of_iomap() not released. 2. mtk_thermal_probe() warn: 'auxadc_base' from of_iomap() not released. The original code forgets to release iomap resource when handling errors, fix it by switch to devm_of_iomap.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-30
Last Modified
2025-12-30
Generated
2026-06-16
AI Q&A
2025-12-30
EPSS Evaluated
N/A
NVD
CVE-2023-54290
EUVD
EUVD-2023-60514
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
linux kernel *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is a resource leak in the Linux kernel's Mediatek thermal driver. Specifically, the mtk_thermal_probe function uses of_iomap to map hardware resources but fails to release these mappings when errors occur, leading to resource leaks. The fix involves switching to devm_of_iomap, which automatically manages the resource lifecycle to prevent leaks.

Impact Analysis

The impact of this vulnerability is a resource leak in the kernel, which could lead to inefficient resource usage or potential system instability over time if the leaked resources accumulate. However, there is no indication of direct security compromise such as privilege escalation or data exposure.

Mitigation Strategies

Apply the patch that switches the code to use devm_of_iomap in the mtk_thermal_probe function to ensure proper release of iomap resources and avoid resource leaks.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2023-54290. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart