Resource Management Flaw in Atmel QuadSPI Driver of Linux Kernel
CVE-2023-53758

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 8 December 2025

What is CVE-2023-53758?

A vulnerability in the Atmel QuadSPI driver of the Linux Kernel could lead to improper resource management during device removal. Specifically, if the runtime resume fails, the driver does not prevent the unbinding of the device. This results in an SPI controller that has an unbound parent and unmapped register space, potentially leading to operational inconsistencies when the remaining SPI controller is engaged. To address this, the driver should unregister the controller unconditionally and avoid hardware access and clock disable, while also providing warnings about resume failure to suppress misleading error messages.

Affected Version(s)

Linux 4a2f83b7f78092a6d9e98fb5573d8f4b79c56336

Linux 4a2f83b7f78092a6d9e98fb5573d8f4b79c56336 < 618770d4d8e40b7f8ed9eb5f210cd9164dfac47d

Linux 4a2f83b7f78092a6d9e98fb5573d8f4b79c56336 < 77806d7c9bebe40a8cdce2b8d30fbe6511745df8

References

https://git.kernel.org/stable/c/f6974fb20499e3b6522daa7ae...

https://git.kernel.org/stable/c/618770d4d8e40b7f8ed9eb5f2...

https://git.kernel.org/stable/c/77806d7c9bebe40a8cdce2b8d...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 8, 2025
Vulnerability Reserved
Dec 8, 2025

JSON