AZL-69482

See a problem?

Import Source

https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-69482.json

JSON Data

https://api.osv.dev/v1/vulns/AZL-69482

Upstream

CVE-2023-53012

Published

2025-03-27T17:15:50Z

Modified

2026-04-21T04:38:36.782841Z

Summary

CVE-2023-53012 affecting package kernel 5.15.200.1-1

Details

In the Linux kernel, the following vulnerability has been resolved:

thermal: core: call putdevice() only after deviceregister() fails

putdevice() shouldn't be called before a prior call to deviceregister(). _thermalcoolingdeviceregister() doesn't follow that properly and needs fixing. Also thermalcoolingdevicedestroysysfs() is getting called unnecessarily on few error paths.

Fix all this by placing the calls at the right place.

Based on initial work done by Caleb Connolly.

References

https://nvd.nist.gov/vuln/detail/CVE-2023-53012

Affected packages

Azure Linux:2 / kernel

Package

Name: kernel
Purl: pkg:rpm/azure-linux/kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Last affected

5.15.200.1-1

Database specific

source

"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-69482.json"