CVE-2023-53435

Summary

In the Linux kernel, the following vulnerability has been resolved:

cassini: Fix a memory leak in the error handling path of cas_init_one()

cas_saturn_firmware_init() allocates some memory using vmalloc(). This memory is freed in the .remove() function but not it the error handling path of the probe.

Add the missing vfree() to avoid a memory leak, should an error occur.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxfcaa40669cd798ca2ac0d15441e8a1d1145f2b16 < 11c0ed097a874156957b515d0ba7e356142eab87affected
LinuxLinuxfcaa40669cd798ca2ac0d15441e8a1d1145f2b16 < 60d8e8b88087d68e10c8991a0f6733fa2f963ff0affected
LinuxLinuxfcaa40669cd798ca2ac0d15441e8a1d1145f2b16 < e20105d967ab5b53ff50a0e5991fe37324d2ba20affected
LinuxLinuxfcaa40669cd798ca2ac0d15441e8a1d1145f2b16 < dc61f7582cc92d547d02e141cd66f5d1f4ed8012affected
LinuxLinuxfcaa40669cd798ca2ac0d15441e8a1d1145f2b16 < 234e744d86bd95b381d24546df2dba72804e0219affected
LinuxLinuxfcaa40669cd798ca2ac0d15441e8a1d1145f2b16 < 172146c26f0c1b86ab4e9ebffc7e06f04229fa17affected
LinuxLinuxfcaa40669cd798ca2ac0d15441e8a1d1145f2b16 < b8b1a667744741fa7807b09a12797a27f14f3facaffected
LinuxLinuxfcaa40669cd798ca2ac0d15441e8a1d1145f2b16 < 412cd77a2c24b191c65ea53025222418db09817caffected
LinuxLinux2.6.28affected
LinuxLinux0 < 2.6.28unaffected
LinuxLinux4.14.316 <= 4.14.*unaffected
LinuxLinux4.19.284 <= 4.19.*unaffected
LinuxLinux5.4.244 <= 5.4.*unaffected
LinuxLinux5.10.181 <= 5.10.*unaffected
LinuxLinux5.15.113 <= 5.15.*unaffected
LinuxLinux6.1.30 <= 6.1.*unaffected
LinuxLinux6.3.4 <= 6.3.*unaffected
LinuxLinux6.4 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References