CVE-2023-53567

Summary

In the Linux kernel, the following vulnerability has been resolved:

spi: qup: Don't skip cleanup in remove's error path

Returning early in a platform driver's remove callback is wrong. In this case the dma resources are not released in the error path. this is never retried later and so this is a permanent leak. To fix this, only skip hardware disabling if waking the device fails.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux64ff247a978facc437d40f0c9b754675846a98f0 < fd53f41bd86daa39b454fd4637a908ff2123547faffected
LinuxLinux64ff247a978facc437d40f0c9b754675846a98f0 < 8632384337038b97910c2f7bb5a3f377aa68d001affected
LinuxLinux64ff247a978facc437d40f0c9b754675846a98f0 < bc88243bbe6140d289bb32b4ee4607ba5ce1124aaffected
LinuxLinux64ff247a978facc437d40f0c9b754675846a98f0 < f345d4d71e87d878437417ffbb9a7d4e16d235ebaffected
LinuxLinux64ff247a978facc437d40f0c9b754675846a98f0 < 2d0f63077f481f11a07f20eab1c1f4367dfaef32affected
LinuxLinux64ff247a978facc437d40f0c9b754675846a98f0 < 55ecdcd12bc176b86fecbcb125ac814ac8fe857aaffected
LinuxLinux64ff247a978facc437d40f0c9b754675846a98f0 < 49c17fccae36505550c9121891722fff337f148aaffected
LinuxLinux64ff247a978facc437d40f0c9b754675846a98f0 < 61f49171a43ab1f80c73c5c88c508770c461e0f2affected
LinuxLinux3.15affected
LinuxLinux0 < 3.15unaffected
LinuxLinux4.19.283 <= 4.19.*unaffected
LinuxLinux5.4.243 <= 5.4.*unaffected
LinuxLinux5.10.180 <= 5.10.*unaffected
LinuxLinux5.15.111 <= 5.15.*unaffected
LinuxLinux6.1.28 <= 6.1.*unaffected
LinuxLinux6.2.15 <= 6.2.*unaffected
LinuxLinux6.3.2 <= 6.3.*unaffected
LinuxLinux6.4 <= *unaffected

Weaknesses

References