CVE-2023-52684

Summary

In the Linux kernel, the following vulnerability has been resolved:

firmware: qcom: qseecom: fix memory leaks in error paths

Fix instances of returning error codes directly instead of jumping to the relevant labels where memory allocated for the SCM calls would be freed.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux759e7a2b62eb3ef3c93ffeb5cca788a09627d7d9 < 85fdbf6840455be64eac16bdfe0df3368ee3d0f0affected
LinuxLinux759e7a2b62eb3ef3c93ffeb5cca788a09627d7d9 < 6c57d7b593c4a4e60db65d5ce0fe1d9f79ccbe9baffected
LinuxLinux6.7affected
LinuxLinux0 < 6.7unaffected
LinuxLinux6.7.2 <= 6.7.*unaffected
LinuxLinux6.8 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References