CVE-2023-53379
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
In the Linux kernel, the following vulnerability has been resolved:
usb: phy: phy-tahvo: fix memory leak in tahvo_usb_probe()
Smatch reports: drivers/usb/phy/phy-tahvo.c: tahvo_usb_probe() warn: missing unwind goto?
After geting irq, if ret < 0, it will return without error handling to free memory. Just add error handling to fix this problem.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 3f06415418f37ac602e71a61ee83ea43553e6bbd < 3e5a7bebf832b1482efe27bcc15a88c5b28a30d0 | affected |
| Linux | Linux | 5e2d2f05204f7ab9c645a1fb9f10a3f6393dd2fa < 4da9edeccf77d7b4c6dbcb34d5908acdaa5bd7e3 | affected |
| Linux | Linux | 606668e24a0d7fd262e2326d76bb60b965fe713f < fe9cdc19861950582f077f254a12026e169eaee5 | affected |
| Linux | Linux | 494629ba62a961de1f2dd0b7125878acb27b8043 < 56901de563359de20513e16a9ae008ae2c22e9a9 | affected |
| Linux | Linux | 0d45a1373e669880b8beaecc8765f44cb0241e47 < ecf26d6e1b5450620c214feea537bb6ce05c6741 | affected |
| Linux | Linux | 0d45a1373e669880b8beaecc8765f44cb0241e47 < dd9b7c89a80428cc5f4ae0d2e1311fdedb2a1aac | affected |
| Linux | Linux | 0d45a1373e669880b8beaecc8765f44cb0241e47 < 38dbd6f72bfbeba009efe0e9ec1f3ff09f9e23fa | affected |
| Linux | Linux | 0d45a1373e669880b8beaecc8765f44cb0241e47 < 342161c11403ea00e9febc16baab1d883d589d04 | affected |
| Linux | Linux | 62e663c172115b9e26a0856508db6277871a7c32 | affected |
| Linux | Linux | 4eab21911d5d6a3377b8965b9fb06463b248fe6b | affected |
| Linux | Linux | dcf379ea4e93b8ea23d628db68ae953b26d63af1 | affected |
| Linux | Linux | b45f0d0105a0f50e681dc8fac4b32e1192de34f2 | affected |
| Linux | Linux | 4.14.247 < 4.14.322 | affected |
| Linux | Linux | 4.19.207 < 4.19.291 | affected |
| Linux | Linux | 5.4.146 < 5.4.251 | affected |
| Linux | Linux | 5.10.65 < 5.10.188 | affected |
| Linux | Linux | 4.4.284 < 4.5 | affected |
| Linux | Linux | 4.9.283 < 4.10 | affected |
| Linux | Linux | 5.13.17 < 5.14 | affected |
| Linux | Linux | 5.14.4 < 5.15 | affected |
| Linux | Linux | 5.15 | affected |
| Linux | Linux | 0 < 5.15 | unaffected |
| Linux | Linux | 4.14.322 <= 4.14.* | unaffected |
| Linux | Linux | 4.19.291 <= 4.19.* | unaffected |
| Linux | Linux | 5.4.251 <= 5.4.* | unaffected |
| Linux | Linux | 5.10.188 <= 5.10.* | unaffected |
| Linux | Linux | 5.15.121 <= 5.15.* | unaffected |
| Linux | Linux | 6.1.39 <= 6.1.* | unaffected |
| Linux | Linux | 6.4.4 <= 6.4.* | unaffected |
| Linux | Linux | 6.5 <= * | unaffected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://git.kernel.org/stable/c/3e5a7bebf832b1482efe27bcc15a88c5b28a30d0
- https://git.kernel.org/stable/c/4da9edeccf77d7b4c6dbcb34d5908acdaa5bd7e3
- https://git.kernel.org/stable/c/fe9cdc19861950582f077f254a12026e169eaee5
- https://git.kernel.org/stable/c/56901de563359de20513e16a9ae008ae2c22e9a9
- https://git.kernel.org/stable/c/ecf26d6e1b5450620c214feea537bb6ce05c6741
- https://git.kernel.org/stable/c/dd9b7c89a80428cc5f4ae0d2e1311fdedb2a1aac
- https://git.kernel.org/stable/c/38dbd6f72bfbeba009efe0e9ec1f3ff09f9e23fa
- https://git.kernel.org/stable/c/342161c11403ea00e9febc16baab1d883d589d04
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.