VYPR
← All advisories
Unrated severityNVD Advisory· Published Dec 9, 2025· Updated Apr 15, 2026

CVE-2023-53818

CVE-2023-53818

Description

In the Linux kernel, the following vulnerability has been resolved:

ARM: zynq: Fix refcount leak in zynq_early_slcr_init

of_find_compatible_node() returns a node pointer with refcount incremented, we should use of_node_put() on error path. Add missing of_node_put() to avoid refcount leak.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

A refcount leak in the Linux kernel's ARM Zynq early SLCR init function can lead to resource exhaustion, fixed by adding a missing of_node_put().

Vulnerability

Overview

CVE-2023-53818 is a reference count leak vulnerability in the Linux kernel's Linux kernel's ARM Zynq early SLCR initialization function (zynq_early_slcr_init). The function calls of_find_compatible_node() which returns a device node pointer with its reference count incremented. On error paths, the code fails to release this reference via of_node_put_node(), causing a leak.

Exploitation and

Impact

An attacker with local access could potentially trigger the error path repeatedly, causing the kernel to exhaust memory or other resources tied to device node references. This could lead to denial of service (DoS) conditions. No authentication or special privileges are required beyond local access to the system.

Mitigation

The fix was applied in multiple stable kernel commits [1][2][3][4]. Users should update to a patched kernel version. No workaround is available other than applying the patch.

References
  1. Making sure you're not a bot!
  2. Making sure you're not a bot!
  3. Making sure you're not a bot!
  4. Making sure you're not a bot!

AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

2
  • Linux/Kernelinferred2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)

Patches

8
f00bc6727adf
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.gitvia osv
commit
351b7e93d02b
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.gitvia osv
commit
ede0334bf4df
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.gitvia osv
commit
227f8c1c5c4b
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.gitvia osv
commit
1cc12d10d13a
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.gitvia osv
commit
e43a06c73be4
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.gitvia osv
commit
4c22ee805202
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.gitvia osv
commit
9eedb910a3be
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.gitvia osv
commit

Vulnerability mechanics

Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

8

News mentions

0

No linked articles in our index yet.