CVE-2023-54183 - Vulnerability Details

In the Linux kernel, the following vulnerability has been resolved:

media: v4l2-core: Fix a potential resource leak in v4l2_fwnode_parse_link()

If fwnode_graph_get_remote_endpoint() fails, 'fwnode' is known to be NULL,
so fwnode_handle_put() is a no-op.

Release the reference taken from a previous fwnode_graph_get_port_parent()
call instead.

Also handle fwnode_graph_get_port_parent() failures.

In order to fix these issues, add an error handling path to the function
and the needed gotos.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux Subscribe	Linux Kernel Subscribe

No data.

Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://git.kernel.org/stable/c/2342942331e1f034ff58f293e10d0d9b7581601f
https://git.kernel.org/stable/c/25afb3e03bf8ab02567af4b6ffbfd6250a91a9f8
https://git.kernel.org/stable/c/4bc5ffaf8ac4f3e7a1fcd10a0a0e7b022b694877
https://git.kernel.org/stable/c/caf058833b6f3fe7beabf738110f79bb987c8fff
https://git.kernel.org/stable/c/d7b13edd4cb4bfa335b6008ab867ac28582d3e5c
https://git.kernel.org/stable/c/d8a8f75fce049bdb3144b607deefe51e996b9660
https://git.kernel.org/stable/c/e8a1cd87bb9fa3149ee112ecb8058908dc9b520e
https://git.kernel.org/stable/c/ed1696f7f92e8404940d51dec80a123aa18163a8

History

Tue, 30 Dec 2025 12:30:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: media: v4l2-core: Fix a potential resource leak in v4l2_fwnode_parse_link() If fwnode_graph_get_remote_endpoint() fails, 'fwnode' is known to be NULL, so fwnode_handle_put() is a no-op. Release the reference taken from a previous fwnode_graph_get_port_parent() call instead. Also handle fwnode_graph_get_port_parent() failures. In order to fix these issues, add an error handling path to the function and the needed gotos.
Title		media: v4l2-core: Fix a potential resource leak in v4l2_fwnode_parse_link()
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/2342942331e1f034ff58f293e10d0d9b7581601f https://git.kernel.org/stable/c/25afb3e03bf8ab02567af4b6ffbfd6250a91a9f8 https://git.kernel.org/stable/c/4bc5ffaf8ac4f3e7a1fcd10a0a0e7b022b694877 https://git.kernel.org/stable/c/caf058833b6f3fe7beabf738110f79bb987c8fff https://git.kernel.org/stable/c/d7b13edd4cb4bfa335b6008ab867ac28582d3e5c https://git.kernel.org/stable/c/d8a8f75fce049bdb3144b607deefe51e996b9660 https://git.kernel.org/stable/c/e8a1cd87bb9fa3149ee112ecb8058908dc9b520e https://git.kernel.org/stable/c/ed1696f7f92e8404940d51dec80a123aa18163a8

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-12-30T12:08:53.888Z

Updated: 2025-12-30T12:08:53.888Z

Reserved: 2025-12-30T12:06:44.497Z

Link: CVE-2023-54183

Vulnrichment

No data.

NVD

Status : Received

Published: 2025-12-30T13:16:06.247

Modified: 2025-12-30T13:16:06.247

Link: CVE-2023-54183

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

No weakness.

Metrics

Affected Vendors & Products

Projects

Metrics

Affected Vendors & Products

Projects

JSON object

JSON object

JSON object

JSON object

JSON object