CVE-2023-53288

Summary

In the Linux kernel, the following vulnerability has been resolved:

drm/client: Fix memory leak in drm_client_modeset_probe

When a new mode is set to modeset->mode, the previous mode should be freed. This fixes the following kmemleak report:

drm_mode_duplicate+0x45/0x220 [drm] drm_client_modeset_probe+0x944/0xf50 [drm] __drm_fb_helper_initial_config_and_unlock+0xb4/0x2c0 [drm_kms_helper] drm_fbdev_client_hotplug+0x2bc/0x4d0 [drm_kms_helper] drm_client_register+0x169/0x240 [drm] ast_pci_probe+0x142/0x190 [ast] local_pci_probe+0xdc/0x180 work_for_cpu_fn+0x4e/0xa0 process_one_work+0x8b7/0x1540 worker_thread+0x70a/0xed0 kthread+0x29f/0x340 ret_from_fork+0x1f/0x30

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxa2889606636d135148de101fe3311dfea67baf1c < 5d580017bdb9b3e930b6009e467e5e1589f8ca8aaffected
LinuxLinuxa2889606636d135148de101fe3311dfea67baf1c < 5f2a12f64347f535c6ef55fa7eb36a2874d69b59affected
LinuxLinuxa2889606636d135148de101fe3311dfea67baf1c < 1369d0c586ad44f2d18fe2f4cbc5bcb24132fa71affected
LinuxLinuxa2889606636d135148de101fe3311dfea67baf1c < 917bef37cfaca07781c6fbaf6cd9404d27e64e6faffected
LinuxLinuxa2889606636d135148de101fe3311dfea67baf1c < 8108a494639e56aea77e7196a1d6ea89792b9d4aaffected
LinuxLinuxa2889606636d135148de101fe3311dfea67baf1c < 2329cc7a101af1a844fbf706c0724c0baea38365affected
LinuxLinux0cc98b5963f8886887aab0ded61970bdccfc2350affected
LinuxLinux4.8.7 < 4.9affected
LinuxLinux4.9affected
LinuxLinux0 < 4.9unaffected
LinuxLinux5.4.251 <= 5.4.*unaffected
LinuxLinux5.10.188 <= 5.10.*unaffected
LinuxLinux5.15.123 <= 5.15.*unaffected
LinuxLinux6.1.42 <= 6.1.*unaffected
LinuxLinux6.4.7 <= 6.4.*unaffected
LinuxLinux6.5 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References