CVE-2023-53719
serial: arc_uart: fix of_iomap leak in `arc_serial_probe`
Description
In the Linux kernel, the following vulnerability has been resolved: serial: arc_uart: fix of_iomap leak in `arc_serial_probe` Smatch reports: drivers/tty/serial/arc_uart.c:631 arc_serial_probe() warn: 'port->membase' from of_iomap() not released on lines: 631. In arc_serial_probe(), if uart_add_one_port() fails, port->membase is not released, which would cause a resource leak. To fix this, I replace of_iomap with devm_platform_ioremap_resource.
INFO
Published Date :
Oct. 22, 2025, 2:15 p.m.
Last Modified :
Oct. 22, 2025, 9:12 p.m.
Remotely Exploit :
No
Source :
416baaa9-dc9f-4396-8d5f-8c081fb06d67
Solution
- Replace of_iomap with devm_platform_ioremap_resource.
- Ensure resources are released on failure.
References to Advisories, Solutions, and Tools
Here, you will find a curated list of external links that provide in-depth
information, practical solutions, and valuable tools related to
CVE-2023-53719.
CWE - Common Weakness Enumeration
While CVE identifies
specific instances of vulnerabilities, CWE categorizes the common flaws or
weaknesses that can lead to vulnerabilities. CVE-2023-53719 is
associated with the following CWEs:
Common Attack Pattern Enumeration and Classification (CAPEC)
Common Attack Pattern Enumeration and Classification
(CAPEC)
stores attack patterns, which are descriptions of the common attributes and
approaches employed by adversaries to exploit the CVE-2023-53719
weaknesses.
We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).
Results are limited to the first 15 repositories due to potential performance issues.
The following list is the news that have been mention
CVE-2023-53719 vulnerability anywhere in the article.
The following table lists the changes that have been made to the
CVE-2023-53719 vulnerability over time.
Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.
-
New CVE Received by 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Oct. 22, 2025
Action Type Old Value New Value Added Description In the Linux kernel, the following vulnerability has been resolved: serial: arc_uart: fix of_iomap leak in `arc_serial_probe` Smatch reports: drivers/tty/serial/arc_uart.c:631 arc_serial_probe() warn: 'port->membase' from of_iomap() not released on lines: 631. In arc_serial_probe(), if uart_add_one_port() fails, port->membase is not released, which would cause a resource leak. To fix this, I replace of_iomap with devm_platform_ioremap_resource. Added Reference https://git.kernel.org/stable/c/081790eee6b47389a0d895262086d64c6a38d6e5 Added Reference https://git.kernel.org/stable/c/153017561d2804cfae87cc9aa377aa84dd906ae1 Added Reference https://git.kernel.org/stable/c/3f00df24a5021a6f02c1830a290acd4bceb22a2d Added Reference https://git.kernel.org/stable/c/40a462313ba4f337a2b419e7fb4a670f3dd95e14 Added Reference https://git.kernel.org/stable/c/7525aa211758cc023a371e010d16ceaae1057807 Added Reference https://git.kernel.org/stable/c/8ab5fc55d7f65d58a3c3aeadf11bdf60267cd2bd Added Reference https://git.kernel.org/stable/c/f76a18e53a66c0ef2938276110717b3805720cd9