SB2025122628 - Memory leak in Linux kernel pinctrl driver
Published: December 26, 2025 Updated: December 31, 2025
Security Bulletin ID
SB2025122628
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Memory leak (CVE-ID: CVE-2023-54111)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the rockchip_pinctrl_parse_groups() function in drivers/pinctrl/pinctrl-rockchip.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/0f735f232ff59863e0b6ebac0849d637e215a9c2
- https://git.kernel.org/stable/c/3c40b34e3462aab12af3dba77d2e1602afc72e80
- https://git.kernel.org/stable/c/5868013522297bf628eee4322d99d6d4de4f308e
- https://git.kernel.org/stable/c/954a7a0011d94475f8ba5ceb77a5d11e01cf402f
- https://git.kernel.org/stable/c/aa017ab5716c9157c65fdce061c4a4a568af53a8
- https://git.kernel.org/stable/c/c818ae563bf99457f02e8170aabd6b174f629f65
- https://git.kernel.org/stable/c/d562054a3a2eede3507a5461011ee82b671fcb88
- https://git.kernel.org/stable/c/dbef00ef4b9b98d15183340396e5df0fa7a860d8
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.16