CVE-2023-53266

Summary

In the Linux kernel, the following vulnerability has been resolved:

arm64: acpi: Fix possible memory leak of ffh_ctxt

Allocated 'ffh_ctxt' memory leak is possible if the SMCCC version and conduit checks fail and -EOPNOTSUPP is returned without freeing the allocated memory.

Fix the same by moving the allocation after the SMCCC version and conduit checks.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux1d280ce099db396e092cac1aa9bf2ea8beee6d76 < 7521da2eb42d65f89f511b7912d3757cf3d9168aaffected
LinuxLinux1d280ce099db396e092cac1aa9bf2ea8beee6d76 < 1b561d3949f8478c5403c9752b5533211a757226affected
LinuxLinux6.2affected
LinuxLinux0 < 6.2unaffected
LinuxLinux6.2.3 <= 6.2.*unaffected
LinuxLinux6.3 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References