CVE-2023-53255

Summary

In the Linux kernel, the following vulnerability has been resolved:

firmware: stratix10-svc: Fix a potential resource leak in svc_create_memory_pool()

svc_create_memory_pool() is only called from stratix10_svc_drv_probe(). Most of resources in the probe are managed, but not this memremap() call.

There is also no memunmap() call in the file.

So switch to devm_memremap() to avoid a resource leak.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux7ca5ce896524f5292e610b27d168269e5ab74951 < e3373e6b6c79aff698442b00d20c9f285d296e46affected
LinuxLinux7ca5ce896524f5292e610b27d168269e5ab74951 < c04ed61ebf01968d7699b121663982493ed577fbaffected
LinuxLinux7ca5ce896524f5292e610b27d168269e5ab74951 < 974ac045a05ad12a0b4578fb303f00dcc22f3abaaffected
LinuxLinux7ca5ce896524f5292e610b27d168269e5ab74951 < cb8a31a56df8492fb0d900959238e1a3ff8b8981affected
LinuxLinux7ca5ce896524f5292e610b27d168269e5ab74951 < 7363de081c793e47866cb54ce7cb8a480cffc259affected
LinuxLinux7ca5ce896524f5292e610b27d168269e5ab74951 < 1995f15590ca222f91193ed11461862b450abfd6affected
LinuxLinux5.0affected
LinuxLinux0 < 5.0unaffected
LinuxLinux5.4.251 <= 5.4.*unaffected
LinuxLinux5.10.188 <= 5.10.*unaffected
LinuxLinux5.15.121 <= 5.15.*unaffected
LinuxLinux6.1.40 <= 6.1.*unaffected
LinuxLinux6.4.5 <= 6.4.*unaffected
LinuxLinux6.5 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References