CVE-2023-54205 - Vulnerability Details

- pinctrl: stm32: Fix refcount leak in stm32_pctrl_get_irq_domain

Description

In the Linux kernel, the following vulnerability has been resolved:

pinctrl: stm32: Fix refcount leak in stm32_pctrl_get_irq_domain

of_irq_find_parent() returns a node pointer with refcount incremented,
We should use of_node_put() on it when not needed anymore.
Add missing of_node_put() to avoid refcount leak.

Published: 2025-12-30

Score: n/a

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Linux

unaffected

Version	Status	Constraints
`d86f4d71e42a9fa1866f030074e54d7571d16ec1`	affected	< 95ab6d7905ebb52dc2ed6357c38e536753824068
`d86f4d71e42a9fa1866f030074e54d7571d16ec1`	affected	< 8ab860dd8717a7e4a143988885fea0d7e5a9412e
`d86f4d71e42a9fa1866f030074e54d7571d16ec1`	affected	< af54707c0ccab52b3d532402436ea101011a9299
`d86f4d71e42a9fa1866f030074e54d7571d16ec1`	affected	< 601be03fa8b81747a154bdef9b559411a5b921e8
`d86f4d71e42a9fa1866f030074e54d7571d16ec1`	affected	< 9ae053d1eb87875d56f95b6a123a69827225a70e
`d86f4d71e42a9fa1866f030074e54d7571d16ec1`	affected	< dcef18c8ac40aa85bb339f64c1dd31dd458b06fb

Linux

affected

Version	Status	Constraints
`5.2`	affected	—
`0`	unaffected	< 5.2
`5.4.235`	unaffected	≤ 5.4.*
`5.10.173`	unaffected	≤ 5.10.*
`5.15.99`	unaffected	≤ 5.15.*
`6.1.16`	unaffected	≤ 6.1.*
`6.2.3`	unaffected	≤ 6.2.*
`6.3`	unaffected	≤ *

No data.

No data available yet.

Remediation

No vendor fix or workaround currently provided.

Additional remediation guidance may be available on OpenCVE Cloud.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00047.

Key SSVC decision points have not yet been added.

References

Link	Providers
https://git.kernel.org/stable/c/601be03fa8b81747a154bdef9b559411a5b921e8
https://git.kernel.org/stable/c/8ab860dd8717a7e4a143988885fea0d7e5a9412e
https://git.kernel.org/stable/c/95ab6d7905ebb52dc2ed6357c38e536753824068
https://git.kernel.org/stable/c/9ae053d1eb87875d56f95b6a123a69827225a70e
https://git.kernel.org/stable/c/af54707c0ccab52b3d532402436ea101011a9299
https://git.kernel.org/stable/c/dcef18c8ac40aa85bb339f64c1dd31dd458b06fb
https://lore.kernel.org/linux-cve-announce/2025123022-CVE-2023-54205-966b@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2023-54205
https://www.cve.org/CVERecord?id=CVE-2023-54205

History

Wed, 31 Dec 2025 00:15:00 +0000

Type	Values Removed	Values Added
References		https://lore.kernel.org/linux-cve-announce/2025123022-CVE-2023-54205-966b@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2023-54205 https://www.cve.org/CVERecord?id=CVE-2023-54205

Tue, 30 Dec 2025 12:30:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: pinctrl: stm32: Fix refcount leak in stm32_pctrl_get_irq_domain of_irq_find_parent() returns a node pointer with refcount incremented, We should use of_node_put() on it when not needed anymore. Add missing of_node_put() to avoid refcount leak.
Title		pinctrl: stm32: Fix refcount leak in stm32_pctrl_get_irq_domain
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/601be03fa8b81747a154bdef9b559411a5b921e8 https://git.kernel.org/stable/c/8ab860dd8717a7e4a143988885fea0d7e5a9412e https://git.kernel.org/stable/c/95ab6d7905ebb52dc2ed6357c38e536753824068 https://git.kernel.org/stable/c/9ae053d1eb87875d56f95b6a123a69827225a70e https://git.kernel.org/stable/c/af54707c0ccab52b3d532402436ea101011a9299 https://git.kernel.org/stable/c/dcef18c8ac40aa85bb339f64c1dd31dd458b06fb

Subscriptions

Linux Linux Kernel

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-12-30T12:11:05.295Z

Updated: 2026-05-11T19:57:30.110Z

Reserved: 2025-12-30T12:06:44.499Z

Link: CVE-2023-54205

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2025-12-30T13:16:08.640

Modified: 2026-04-15T00:35:42.020

Link: CVE-2023-54205

Redhat

Severity :

Publid Date: 2025-12-30T00:00:00Z

Links: CVE-2023-54205 - Bugzilla

OpenCVE Enrichment

No data.

Weaknesses

No weakness.

Tracking

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object