CVE-2023-54320
Description
In the Linux kernel, the following vulnerability has been resolved:
platform/x86/amd: pmc: Fix memory leak in amd_pmc_stb_debugfs_open_v2()
Function amd_pmc_stb_debugfs_open_v2() may be called when the STB debug mechanism enabled.
When amd_pmc_send_cmd() fails, the 'buf' needs to be released.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A memory leak in amd_pmc_stb_debugfs_open_v2() occurs when amd_pmc_send_cmd() fails, leaving allocated buffer unreleased.
Vulnerability
Analysis
In the Linux kernel's platform/x86/amd/pmc driver, the function amd_pmc_stb_debugfs_open_v2() allocates a buffer for STB debug data. If the subsequent call to amd_pmc_send_cmd() fails, the buffer is not freed, causing a memory leak [1].
Exploitation
Exploitation
The vulnerability is reachable only when the STB debug mechanism is enabled. An attacker would need local access to the system and the ability to trigger the debugfs open operation. No special privileges are required beyond normal user access to debugfs interfaces if enabled. The failure condition can be induced by external factors like hardware unresponsive hardware.
Impact
Each failed call leaks a small buffer. While not directly exploitable for code execution, repeated triggers could exhaust memory, leading to denial of service.
Mitigation
The fix, included in Linux kernel stable updates, adds a kfree(buf) on the error path before the function returns [1]. Users should apply the most recent stable kernel patch or update to a version containing the commit.
AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
1Patches
2d804adef7b23f6e7ac4c35a2Vulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
2News mentions
0No linked articles in our index yet.