CVE-2023-53422

Summary

In the Linux kernel, the following vulnerability has been resolved:

wifi: iwlwifi: fw: fix memory leak in debugfs

Fix a memory leak that occurs when reading the fw_info file all the way, since we return NULL indicating no more data, but don't free the status tracking object.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux36dfe9ac6e8b8fc2e25733d003a867a40db791da < 89496d6cff297c88fe0286a440c380ceb172da2baffected
LinuxLinux36dfe9ac6e8b8fc2e25733d003a867a40db791da < e302e9ca14a86a80eadfb24a34d8675aadaf3ef3affected
LinuxLinux36dfe9ac6e8b8fc2e25733d003a867a40db791da < 37f64bc8e001f216566d17ef9fd5608c762ebcd4affected
LinuxLinux36dfe9ac6e8b8fc2e25733d003a867a40db791da < fe17124282da055cb2e53f0131521459b5c7866caffected
LinuxLinux36dfe9ac6e8b8fc2e25733d003a867a40db791da < b830ba20b43be52eae7d4087b61a0079dec56820affected
LinuxLinux36dfe9ac6e8b8fc2e25733d003a867a40db791da < 3d90d2f4a018fe8cfd65068bc6350b6222be4852affected
LinuxLinux5.8affected
LinuxLinux0 < 5.8unaffected
LinuxLinux5.10.180 <= 5.10.*unaffected
LinuxLinux5.15.111 <= 5.15.*unaffected
LinuxLinux6.1.28 <= 6.1.*unaffected
LinuxLinux6.2.15 <= 6.2.*unaffected
LinuxLinux6.3.2 <= 6.3.*unaffected
LinuxLinux6.4 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References