{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-53308", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-09-16T16:08:59.561Z", "datePublished": "2025-09-16T16:11:46.998Z", "dateUpdated": "2025-09-16T16:11:46.998Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-09-16T16:11:46.998Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fec: Better handle pm_runtime_get() failing in .remove()\n\nIn the (unlikely) event that pm_runtime_get() (disguised as\npm_runtime_resume_and_get()) fails, the remove callback returned an\nerror early. The problem with this is that the driver core ignores the\nerror value and continues removing the device. This results in a\nresource leak. Worse the devm allocated resources are freed and so if a\ncallback of the driver is called later the register mapping is already\ngone which probably results in a crash."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/ethernet/freescale/fec_main.c"], "versions": [{"version": "982d424239d7fae74938557428d45c717567ea9b", "lessThan": "d52a0cca591e899d4e5c8ab19e067b4c6b7d104f", "status": "affected", "versionType": "git"}, {"version": "04748841f7a02ec6ff07fadfc5d1f8e24e61946d", "lessThan": "be85912c36ddca3e8b2eef1b5392cd8db6bdb730", "status": "affected", "versionType": "git"}, {"version": "a31eda65ba210741b598044d045480494d0ed52a", "lessThan": "b22b514209ff8c4287abb853399890ab97e1b5ca", "status": "affected", "versionType": "git"}, {"version": "a31eda65ba210741b598044d045480494d0ed52a", "lessThan": "83996d317b1deddc85006376082e8886f55aa709", "status": "affected", "versionType": "git"}, {"version": "a31eda65ba210741b598044d045480494d0ed52a", "lessThan": "c1bc2870f14e526a01897e14c747a0a0ca125231", "status": "affected", "versionType": "git"}, {"version": "a31eda65ba210741b598044d045480494d0ed52a", "lessThan": "9407454a9b18bbeff216e8ecde87ffb2171e9ccf", "status": "affected", "versionType": "git"}, {"version": "a31eda65ba210741b598044d045480494d0ed52a", "lessThan": "e02d8d5b1602689b98d9b91550a11b9b57baedbe", "status": "affected", "versionType": "git"}, {"version": "a31eda65ba210741b598044d045480494d0ed52a", "lessThan": "f816b9829b19394d318e01953aa3b2721bca040d", "status": "affected", "versionType": "git"}, {"version": "d961a58dcc9778948502847303d29d018a49710a", "status": "affected", "versionType": "git"}, {"version": "d9c7531fb4708eb3f22cccdb0b7371834d37555a", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/net/ethernet/freescale/fec_main.c"], "versions": [{"version": "5.4", "status": "affected"}, {"version": "0", "lessThan": "5.4", "status": "unaffected", "versionType": "semver"}, {"version": "4.14.316", "lessThanOrEqual": "4.14.*", "status": "unaffected", "versionType": "semver"}, {"version": "4.19.284", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.4.244", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.181", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.113", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.30", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.3.4", "lessThanOrEqual": "6.3.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.4", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.14.158", "versionEndExcluding": "4.14.316"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.19.88", "versionEndExcluding": "4.19.284"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.4", "versionEndExcluding": "5.4.244"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.4", "versionEndExcluding": "5.10.181"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.4", "versionEndExcluding": "5.15.113"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.4", "versionEndExcluding": "6.1.30"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.4", "versionEndExcluding": "6.3.4"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.4", "versionEndExcluding": "6.4"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.9.206"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.3.15"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/d52a0cca591e899d4e5c8ab19e067b4c6b7d104f"}, {"url": "https://git.kernel.org/stable/c/be85912c36ddca3e8b2eef1b5392cd8db6bdb730"}, {"url": "https://git.kernel.org/stable/c/b22b514209ff8c4287abb853399890ab97e1b5ca"}, {"url": "https://git.kernel.org/stable/c/83996d317b1deddc85006376082e8886f55aa709"}, {"url": "https://git.kernel.org/stable/c/c1bc2870f14e526a01897e14c747a0a0ca125231"}, {"url": "https://git.kernel.org/stable/c/9407454a9b18bbeff216e8ecde87ffb2171e9ccf"}, {"url": "https://git.kernel.org/stable/c/e02d8d5b1602689b98d9b91550a11b9b57baedbe"}, {"url": "https://git.kernel.org/stable/c/f816b9829b19394d318e01953aa3b2721bca040d"}], "title": "net: fec: Better handle pm_runtime_get() failing in .remove()", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "CB0798B1-CA64-4529-A5AC-7146F59643A2", "versionEndExcluding": "4.10", "versionStartIncluding": "4.9.206", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "5BCD50CB-C2BD-4613-A0B3-BE4E8A70606B", "versionEndExcluding": "4.14.316", "versionStartIncluding": "4.14.158", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "878D0CAD-F0B9-48E6-AC29-67336F3607A4", "versionEndExcluding": "4.19.284", "versionStartIncluding": "4.19.88", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "DEDD31E3-90F8-4A45-89A5-9B27A3B5FC07", "versionEndExcluding": "5.4", "versionStartIncluding": "5.3.15", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "0AFC823D-6913-4035-B927-27DB60AEE8F0", "versionEndExcluding": "5.4.244", "versionStartIncluding": "5.4.1", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "F5B1726B-45AA-47F2-9261-6DC963E92248", "versionEndExcluding": "5.10.181", "versionStartIncluding": "5.5", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "F3D5E1B5-AB9D-4ECC-8F11-F3E1BF761E27", "versionEndExcluding": "5.15.113", "versionStartIncluding": "5.11", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "E9430E62-03EA-42E6-9E5E-BD1D5124D107", "versionEndExcluding": "6.1.30", "versionStartIncluding": "5.16", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "26C54BF0-3EED-46D4-92A7-5F07F658B49B", "versionEndExcluding": "6.3.4", "versionStartIncluding": "6.2", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.4:-:*:*:*:*:*:*", "matchCriteriaId": "4D70AB13-37BE-4BD3-A652-10191F1642E4", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.4:rc1:*:*:*:*:*:*", "matchCriteriaId": "38BC6744-7D25-4C02-9966-B224CD071D30", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.4:rc2:*:*:*:*:*:*", "matchCriteriaId": "76061B41-CAE9-4467-BEDE-0FFC7956F2A1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fec: Better handle pm_runtime_get() failing in .remove()\n\nIn the (unlikely) event that pm_runtime_get() (disguised as\npm_runtime_resume_and_get()) fails, the remove callback returned an\nerror early. The problem with this is that the driver core ignores the\nerror value and continues removing the device. This results in a\nresource leak. Worse the devm allocated resources are freed and so if a\ncallback of the driver is called later the register mapping is already\ngone which probably results in a crash."}], "id": "CVE-2023-53308", "lastModified": "2025-12-01T21:46:25.467", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2025-09-16T17:15:36.597", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/83996d317b1deddc85006376082e8886f55aa709"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/9407454a9b18bbeff216e8ecde87ffb2171e9ccf"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/b22b514209ff8c4287abb853399890ab97e1b5ca"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/be85912c36ddca3e8b2eef1b5392cd8db6bdb730"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/c1bc2870f14e526a01897e14c747a0a0ca125231"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/d52a0cca591e899d4e5c8ab19e067b4c6b7d104f"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/e02d8d5b1602689b98d9b91550a11b9b57baedbe"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/f816b9829b19394d318e01953aa3b2721bca040d"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-415"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: net: fec: Better handle pm_runtime_get() failing in .remove()", "id": "2395867", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395867"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "details": ["No description is available for this CVE."], "name": "CVE-2023-53308", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-09-16T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-53308\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-53308\nhttps://lore.kernel.org/linux-cve-announce/2025091641-CVE-2023-53308-51a1@gregkh/T"], "threat_severity": "Moderate"}

{"created": "2025-09-17T10:04:28.032243+00:00", "updated": "2025-09-17T10:04:28.032275+00:00", "vendors": ["linux", "linux$PRODUCT$linux_kernel"]}