Linux Kernel Vulnerability in Arizona MFD - Refcnt Leak Issue
CVE-2023-53443

5.5MEDIUM

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
18 September 2025

What is CVE-2023-53443?

A vulnerability exists within the Linux kernel's Arizona MFD driver, specifically in the arizona_clk32k_enable() function. The issue arises from an incorrect implementation of the function which uses pm_runtime_get_sync(). This can lead to an unexpected increase in the reference count, even when an error occurs during the device's power management operation. To mitigate this, the function should be modified to utilize pm_runtime_resume_and_get(), which properly manages the reference count and prevents leaks. This change is crucial for maintaining system integrity and effective resource management.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 247fa1920deeb1064e36c0a34410f4d63503b3d4 < 7195e642b49af60d4120fa1b45bd812ba528174f

Linux 247fa1920deeb1064e36c0a34410f4d63503b3d4 < 754e81ff44061dda68da0fd4ef51bd1aa9fbf2cf

Linux 247fa1920deeb1064e36c0a34410f4d63503b3d4 < 5a47bb71b1a94a279144fc3031d3c4591b38dd16

References

https://git.kernel.org/stable/c/7195e642b49af60d4120fa1b4...
https://git.kernel.org/stable/c/754e81ff44061dda68da0fd4e...
https://git.kernel.org/stable/c/5a47bb71b1a94a279144fc303...

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.