CVE-2023-54290
Unknown Unknown - Not Provided

Resource Leak in Linux Kernel Mediatek Thermal Driver

Vulnerability report for CVE-2023-54290, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2025-12-30

Last updated on: 2025-12-30

Assigner: kernel.org

Description

In the Linux kernel, the following vulnerability has been resolved: thermal/drivers/mediatek: Use devm_of_iomap to avoid resource leak in mtk_thermal_probe Smatch reports: 1. mtk_thermal_probe() warn: 'apmixed_base' from of_iomap() not released. 2. mtk_thermal_probe() warn: 'auxadc_base' from of_iomap() not released. The original code forgets to release iomap resource when handling errors, fix it by switch to devm_of_iomap.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2025-12-30
Last Modified
2025-12-30
Generated
2026-07-06
AI Q&A
2025-12-30
EPSS Evaluated
N/A
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
linux kernel *

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability is a resource leak in the Linux kernel's Mediatek thermal driver. Specifically, the mtk_thermal_probe function uses of_iomap to map hardware resources but fails to release these mappings when errors occur, leading to resource leaks. The fix involves switching to devm_of_iomap, which automatically manages the resource lifecycle to prevent leaks.

Impact Analysis

The impact of this vulnerability is a resource leak in the kernel, which could lead to inefficient resource usage or potential system instability over time if the leaked resources accumulate. However, there is no indication of direct security compromise such as privilege escalation or data exposure.

Mitigation Strategies

Apply the patch that switches the code to use devm_of_iomap in the mtk_thermal_probe function to ensure proper release of iomap resources and avoid resource leaks.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2023-54290. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart