PT-2025-52981 · Kvm+1 · Kvm+1

Published

2025-12-24

Updated

2026-02-24

CVE-2023-54024

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains a flaw related to KVM (Kernel-based Virtual Machine) coalesced MMIO (Memory Mapped I/O) unregistration. Specifically, the target device is not properly destroyed and freed if the unregistration process fails, leading to a memory leak. The issue occurs within the kvm io bus unregister dev() function, which does not destroy the target device as indicated in the code. This can result in an unreferenced object and a memory leak, as demonstrated by a bug report during testing.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2023-54024

RHSA-2023:6583

SUSE-SU-2026:0263-1

SUSE-SU-2026:0317-1

SUSE-SU-2026:0350-1

SUSE-SU-2026:0369-1

SUSE-SU-2026:0411-1

SUSE-SU-2026:0617-1

Affected Products

Kvm

Linux Kernel

PT-2025-52981 · Kvm+1 · Kvm+1

CVE-2023-54024

Related Identifiers

Affected Products

References · 985