CVE-2023-53264

Summary

In the Linux kernel, the following vulnerability has been resolved:

clk: imx: clk-imxrt1050: fix memory leak in imxrt1050_clocks_probe

Use devm_of_iomap() instead of of_iomap() to automatically handle the unused ioremap region. If any error occurs, regions allocated by kzalloc() will leak, but using devm_kzalloc() instead will automatically free the memory using devm_kfree().

Also, fix error handling of hws by adding unregister_hws label, which unregisters remaining hws when iomap failed.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux7154b046d8f3a441474ced1688eb348d42f5f165 < 1839032251a66f2ae5a043c495532830a55d28c4affected
LinuxLinux7154b046d8f3a441474ced1688eb348d42f5f165 < 0fbdfd2542252e4c02e8158a06b7c0c9cfd40f99affected
LinuxLinux7154b046d8f3a441474ced1688eb348d42f5f165 < 02e54db221bb001b32f839e0149ee8d890ab9aa1affected
LinuxLinux7154b046d8f3a441474ced1688eb348d42f5f165 < 1b280598ab3bd8a2dc8b96a12530d5b1ee7a8f4aaffected
LinuxLinux5.18affected
LinuxLinux0 < 5.18unaffected
LinuxLinux6.1.39 <= 6.1.*unaffected
LinuxLinux6.3.13 <= 6.3.*unaffected
LinuxLinux6.4.4 <= 6.4.*unaffected
LinuxLinux6.5 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References