CVE-2023-53012
MEDIUM EPSS 8.6%
Published Mar 27, 20251y ago · Modified Jun 17, 20262w ago
5.5 CVSS 3.1
Published Mar 27, 2025 1y ago
Last Modified Jun 17, 2026 2w ago
Description
In the Linux kernel, the following vulnerability has been resolved: thermal: core: call put_device() only after device_register() fails put_device() shouldn't be called before a prior call to device_register(). __thermal_cooling_device_register() doesn't follow that properly and needs fixing. Also thermal_cooling_device_destroy_sysfs() is getting called unnecessarily on few error paths. Fix all this by placing the calls at the right place. Based on initial work done by Caleb Connolly.
CVSS Details
Base Score
Exploitability
Impact
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High
Threat Intelligence
EPSS Exploit Probability
8.6% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Affected Products 7
References 3
- git.kernel.org https://git.kernel.org/stable/c/2846a7412f6246fd5171f51011bf76dfebcec0ee
- git.kernel.org https://git.kernel.org/stable/c/6c54b7bc8a31ce0f7cc7f8deef05067df414f1d8
- git.kernel.org https://git.kernel.org/stable/c/a7d736cc3c6cb0d7498bbfb56515d414e35e9510
Remediation
- git.kernel.org https://git.kernel.org/stable/c/2846a7412f6246fd5171f51011bf76dfebcec0ee
- git.kernel.org https://git.kernel.org/stable/c/6c54b7bc8a31ce0f7cc7f8deef05067df414f1d8
- git.kernel.org https://git.kernel.org/stable/c/a7d736cc3c6cb0d7498bbfb56515d414e35e9510