Linux Kernel Vulnerability in Coretemp Platform Driver by Vendor
CVE-2023-53612
What is CVE-2023-53612?
The Coretemp platform driver in the Linux kernel operates unconventionally: it relies heavily on an initcall and CPU hotplug notifiers for its functionality, and the resulting complex interactions can cause NULL dereferences under certain configurations. The vulnerable implementation can also deadlock during suspend operations and create lock dependency issues for other drivers. Simplifying the platform device management and tying the devices directly to the module's lifecycle improves stability and reduces errors while maintaining the expected behavior of the hardware monitoring interfaces.
Affected Version(s)
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 4000384684f612b3645a944f6acde0e65ac370b8
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 5735878a7b7db7e9ce731cb36cec298a9de67549
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 52ea47a0ddfbc5fe05e873d3f5a59db4ba3e03fe
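To check a kernel source checkout against the ranges listed above, the following added example (not part of the original advisory or the kernel project) classifies a git revision as fixed, affected or unknown. It assumes each line reads "introducing commit < fixing commit" and that `git` is installed; the function names `has_commit` and `classify_tree` are hypothetical.

```shell
#!/bin/sh
# Added example: classify a kernel git checkout against the page's ranges.
# Assumption: each line is "<introducing commit> < <fixing commit>".
CVE_2023_53612_RANGES='1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 4000384684f612b3645a944f6acde0e65ac370b8
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 5735878a7b7db7e9ce731cb36cec298a9de67549
1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 52ea47a0ddfbc5fe05e873d3f5a59db4ba3e03fe'

# has_commit REPO REV COMMIT: true if COMMIT is REV or an ancestor of REV.
# A commit missing from the repo (other branch, shallow clone) counts as absent.
has_commit() {
    git -C "$1" merge-base --is-ancestor "$3" "$2" 2>/dev/null
}

# classify_tree REPO REV [RANGES]: prints fixed, affected or unknown.
# Exit status: 0 fixed, 1 affected, 2 unknown.
classify_tree() {
    repo=$1 rev=$2 ranges=${3:-$CVE_2023_53612_RANGES}
    # Reject revisions that do not resolve to a commit in this repository.
    git -C "$repo" rev-parse --verify --quiet "$rev^{commit}" >/dev/null ||
        { echo unknown; return 2; }
    seen_intro=no
    while read -r intro lt fix; do
        [ "$lt" = "<" ] || continue          # skip malformed lines
        # Any fixing commit in the history means the tree carries the fix.
        if has_commit "$repo" "$rev" "$fix"; then
            echo fixed; return 0
        fi
        if has_commit "$repo" "$rev" "$intro"; then
            seen_intro=yes
        fi
    done <<EOF
$ranges
EOF
    # Introducing commit present, no fix present: inside an affected range.
    if [ "$seen_intro" = yes ]; then echo affected; return 1; fi
    # Neither commit found (shallow clone, unrelated repo): cannot decide.
    echo unknown; return 2
}
```

A vendor kernel that backported the change under a different commit hash will be reported as affected, so confirm such trees against the vendor's changelog.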