CVE-2023-54109 - Vulnerability Details

- media: rcar_fdp1: Fix refcount leak in probe and remove function

Description

In the Linux kernel, the following vulnerability has been resolved:

media: rcar_fdp1: Fix refcount leak in probe and remove function

rcar_fcp_get() take reference, which should be balanced with
rcar_fcp_put(). Add missing rcar_fcp_put() in fdp1_remove and
the error paths of fdp1_probe() to fix this.

[hverkuil: resolve merge conflict, remove() is now void]

Published: 2025-12-24

Score: n/a

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Linux

unaffected

Version	Status	Constraints
`4710b752e029f3f82dd4a84d9dc61fe72c97bf82`	affected	< 418a8f3140e07f33bbd5a81625d0ef46c0732cef
`4710b752e029f3f82dd4a84d9dc61fe72c97bf82`	affected	< 9df630dafa1a59946d1da6f070d4cb64f14ea57c
`4710b752e029f3f82dd4a84d9dc61fe72c97bf82`	affected	< 1acb982e3616e70128994fdecf2368a259c8a489
`4710b752e029f3f82dd4a84d9dc61fe72c97bf82`	affected	< 2322b262d2205720518785c2706a3283725ba402
`4710b752e029f3f82dd4a84d9dc61fe72c97bf82`	affected	< 45b7461d914c867ef21c74798da8c42d13d3a0df
`4710b752e029f3f82dd4a84d9dc61fe72c97bf82`	affected	< 59c6addfaaaa09ff7654e4d8793cb16fd22a46d4
`4710b752e029f3f82dd4a84d9dc61fe72c97bf82`	affected	< 48765ca7c6b71bf73a4cc8475a4bad9e2633cf61
`4710b752e029f3f82dd4a84d9dc61fe72c97bf82`	affected	< c766c90faf93897b77c9c5daa603cffab85ba907

Linux

affected

Version	Status	Constraints
`4.10`	affected	—
`0`	unaffected	< 4.10
`4.19.283`	unaffected	≤ 4.19.*
`5.4.243`	unaffected	≤ 5.4.*
`5.10.180`	unaffected	≤ 5.10.*
`5.15.111`	unaffected	≤ 5.15.*
`6.1.28`	unaffected	≤ 6.1.*
`6.2.15`	unaffected	≤ 6.2.*
`6.3.2`	unaffected	≤ 6.3.*
`6.4`	unaffected	≤ *

No data.

No data available yet.

Remediation

No vendor fix or workaround currently provided.

Additional remediation guidance may be available on OpenCVE Cloud.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00047.

Key SSVC decision points have not yet been added.

References

Link	Providers
https://git.kernel.org/stable/c/1acb982e3616e70128994fdecf2368a259c8a489
https://git.kernel.org/stable/c/2322b262d2205720518785c2706a3283725ba402
https://git.kernel.org/stable/c/418a8f3140e07f33bbd5a81625d0ef46c0732cef
https://git.kernel.org/stable/c/45b7461d914c867ef21c74798da8c42d13d3a0df
https://git.kernel.org/stable/c/48765ca7c6b71bf73a4cc8475a4bad9e2633cf61
https://git.kernel.org/stable/c/59c6addfaaaa09ff7654e4d8793cb16fd22a46d4
https://git.kernel.org/stable/c/9df630dafa1a59946d1da6f070d4cb64f14ea57c
https://git.kernel.org/stable/c/c766c90faf93897b77c9c5daa603cffab85ba907
https://lore.kernel.org/linux-cve-announce/2025122412-CVE-2023-54109-714c@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2023-54109
https://www.cve.org/CVERecord?id=CVE-2023-54109

History

Thu, 25 Dec 2025 00:15:00 +0000

Type	Values Removed	Values Added
References		https://lore.kernel.org/linux-cve-announce/2025122412-CVE-2023-54109-714c@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2023-54109 https://www.cve.org/CVERecord?id=CVE-2023-54109

Wed, 24 Dec 2025 13:15:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: media: rcar_fdp1: Fix refcount leak in probe and remove function rcar_fcp_get() take reference, which should be balanced with rcar_fcp_put(). Add missing rcar_fcp_put() in fdp1_remove and the error paths of fdp1_probe() to fix this. [hverkuil: resolve merge conflict, remove() is now void]
Title		media: rcar_fdp1: Fix refcount leak in probe and remove function
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/1acb982e3616e70128994fdecf2368a259c8a489 https://git.kernel.org/stable/c/2322b262d2205720518785c2706a3283725ba402 https://git.kernel.org/stable/c/418a8f3140e07f33bbd5a81625d0ef46c0732cef https://git.kernel.org/stable/c/45b7461d914c867ef21c74798da8c42d13d3a0df https://git.kernel.org/stable/c/48765ca7c6b71bf73a4cc8475a4bad9e2633cf61 https://git.kernel.org/stable/c/59c6addfaaaa09ff7654e4d8793cb16fd22a46d4 https://git.kernel.org/stable/c/9df630dafa1a59946d1da6f070d4cb64f14ea57c https://git.kernel.org/stable/c/c766c90faf93897b77c9c5daa603cffab85ba907

Subscriptions

Linux Linux Kernel

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-12-24T13:06:32.836Z

Updated: 2026-05-11T19:55:39.017Z

Reserved: 2025-12-24T13:02:52.518Z

Link: CVE-2023-54109

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2025-12-24T13:16:12.793

Modified: 2026-04-15T00:35:42.020

Link: CVE-2023-54109

Redhat

Severity :

Publid Date: 2025-12-24T00:00:00Z

Links: CVE-2023-54109 - Bugzilla

OpenCVE Enrichment

No data.

Weaknesses

No weakness.

Tracking

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object