CVE-2023-53288
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
In the Linux kernel, the following vulnerability has been resolved:
drm/client: Fix memory leak in drm_client_modeset_probe
When a new mode is set to modeset->mode, the previous mode should be freed. This fixes the following kmemleak report:
drm_mode_duplicate+0x45/0x220 [drm] drm_client_modeset_probe+0x944/0xf50 [drm] __drm_fb_helper_initial_config_and_unlock+0xb4/0x2c0 [drm_kms_helper] drm_fbdev_client_hotplug+0x2bc/0x4d0 [drm_kms_helper] drm_client_register+0x169/0x240 [drm] ast_pci_probe+0x142/0x190 [ast] local_pci_probe+0xdc/0x180 work_for_cpu_fn+0x4e/0xa0 process_one_work+0x8b7/0x1540 worker_thread+0x70a/0xed0 kthread+0x29f/0x340 ret_from_fork+0x1f/0x30
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | a2889606636d135148de101fe3311dfea67baf1c < 5d580017bdb9b3e930b6009e467e5e1589f8ca8a | affected |
| Linux | Linux | a2889606636d135148de101fe3311dfea67baf1c < 5f2a12f64347f535c6ef55fa7eb36a2874d69b59 | affected |
| Linux | Linux | a2889606636d135148de101fe3311dfea67baf1c < 1369d0c586ad44f2d18fe2f4cbc5bcb24132fa71 | affected |
| Linux | Linux | a2889606636d135148de101fe3311dfea67baf1c < 917bef37cfaca07781c6fbaf6cd9404d27e64e6f | affected |
| Linux | Linux | a2889606636d135148de101fe3311dfea67baf1c < 8108a494639e56aea77e7196a1d6ea89792b9d4a | affected |
| Linux | Linux | a2889606636d135148de101fe3311dfea67baf1c < 2329cc7a101af1a844fbf706c0724c0baea38365 | affected |
| Linux | Linux | 0cc98b5963f8886887aab0ded61970bdccfc2350 | affected |
| Linux | Linux | 4.8.7 < 4.9 | affected |
| Linux | Linux | 4.9 | affected |
| Linux | Linux | 0 < 4.9 | unaffected |
| Linux | Linux | 5.4.251 <= 5.4.* | unaffected |
| Linux | Linux | 5.10.188 <= 5.10.* | unaffected |
| Linux | Linux | 5.15.123 <= 5.15.* | unaffected |
| Linux | Linux | 6.1.42 <= 6.1.* | unaffected |
| Linux | Linux | 6.4.7 <= 6.4.* | unaffected |
| Linux | Linux | 6.5 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://git.kernel.org/stable/c/5d580017bdb9b3e930b6009e467e5e1589f8ca8a
- https://git.kernel.org/stable/c/5f2a12f64347f535c6ef55fa7eb36a2874d69b59
- https://git.kernel.org/stable/c/1369d0c586ad44f2d18fe2f4cbc5bcb24132fa71
- https://git.kernel.org/stable/c/917bef37cfaca07781c6fbaf6cd9404d27e64e6f
- https://git.kernel.org/stable/c/8108a494639e56aea77e7196a1d6ea89792b9d4a
- https://git.kernel.org/stable/c/2329cc7a101af1a844fbf706c0724c0baea38365
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.