CVE-2023-53308 - Vulnerability Details

In the Linux kernel, the following vulnerability has been resolved:

net: fec: Better handle pm_runtime_get() failing in .remove()

In the (unlikely) event that pm_runtime_get() (disguised as
pm_runtime_resume_and_get()) fails, the remove callback returned an
error early. The problem with this is that the driver core ignores the
error value and continues removing the device. This results in a
resource leak. Worse the devm allocated resources are freed and so if a
callback of the driver is called later the register mapping is already
gone which probably results in a crash.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

No data.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://git.kernel.org/stable/c/83996d317b1deddc85006376082e8886f55aa709
https://git.kernel.org/stable/c/9407454a9b18bbeff216e8ecde87ffb2171e9ccf
https://git.kernel.org/stable/c/b22b514209ff8c4287abb853399890ab97e1b5ca
https://git.kernel.org/stable/c/be85912c36ddca3e8b2eef1b5392cd8db6bdb730
https://git.kernel.org/stable/c/c1bc2870f14e526a01897e14c747a0a0ca125231
https://git.kernel.org/stable/c/d52a0cca591e899d4e5c8ab19e067b4c6b7d104f
https://git.kernel.org/stable/c/e02d8d5b1602689b98d9b91550a11b9b57baedbe
https://git.kernel.org/stable/c/f816b9829b19394d318e01953aa3b2721bca040d

History

Tue, 16 Sep 2025 16:30:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: net: fec: Better handle pm_runtime_get() failing in .remove() In the (unlikely) event that pm_runtime_get() (disguised as pm_runtime_resume_and_get()) fails, the remove callback returned an error early. The problem with this is that the driver core ignores the error value and continues removing the device. This results in a resource leak. Worse the devm allocated resources are freed and so if a callback of the driver is called later the register mapping is already gone which probably results in a crash.
Title		net: fec: Better handle pm_runtime_get() failing in .remove()
References		https://git.kernel.org/stable/c/83996d317b1deddc85006376082e8886f55aa709 https://git.kernel.org/stable/c/9407454a9b18bbeff216e8ecde87ffb2171e9ccf https://git.kernel.org/stable/c/b22b514209ff8c4287abb853399890ab97e1b5ca https://git.kernel.org/stable/c/be85912c36ddca3e8b2eef1b5392cd8db6bdb730 https://git.kernel.org/stable/c/c1bc2870f14e526a01897e14c747a0a0ca125231 https://git.kernel.org/stable/c/d52a0cca591e899d4e5c8ab19e067b4c6b7d104f https://git.kernel.org/stable/c/e02d8d5b1602689b98d9b91550a11b9b57baedbe https://git.kernel.org/stable/c/f816b9829b19394d318e01953aa3b2721bca040d

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-09-16T16:11:46.998Z

Updated: 2025-09-16T16:11:46.998Z

Reserved: 2025-09-16T16:08:59.561Z

Link: CVE-2023-53308

Vulnrichment

No data.

NVD

Status : Received

Published: 2025-09-16T17:15:36.597

Modified: 2025-09-16T17:15:36.597

Link: CVE-2023-53308

Redhat

No data.

OpenCVE Enrichment

No data.

Metrics

Affected Vendors & Products

Metrics

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object

JSON object