CVE-2023-53594
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
driver core: fix resource leak in device_add()
When calling kobject_add() failed in device_add(), it will call cleanup_glue_dir() to free resource. But in kobject_add(), dev->kobj.parent has been set to NULL. This will cause resource leak.
The process is as follows: device_add() get_device_parent() class_dir_create_and_add() kobject_add() //kobject_get() … dev->kobj.parent = kobj; … kobject_add() //failed, but set dev->kobj.parent = NULL … glue_dir = get_glue_dir(dev) //glue_dir = NULL, and goto //"Error" label … cleanup_glue_dir() //becaues glue_dir is NULL, not call //kobject_put()
The preceding problem may cause insmod mac80211_hwsim.ko to failed. sysfs: cannot create duplicate filename '/devices/virtual/mac80211_hwsim' Call Trace: <TASK> dump_stack_lvl+0x8e/0xd1 sysfs_warn_dup.cold+0x1c/0x29 sysfs_create_dir_ns+0x224/0x280 kobject_add_internal+0x2aa/0x880 kobject_add+0x135/0x1a0 get_device_parent+0x3d7/0x590 device_add+0x2aa/0x1cb0 device_create_groups_vargs+0x1eb/0x260 device_create+0xdc/0x110 mac80211_hwsim_new_radio+0x31e/0x4790 [mac80211_hwsim] init_mac80211_hwsim+0x48d/0x1000 [mac80211_hwsim] do_one_initcall+0x10f/0x630 do_init_module+0x19f/0x5e0 load_module+0x64b7/0x6eb0 __do_sys_finit_module+0x140/0x200 do_syscall_64+0x35/0x80 entry_SYSCALL_64_after_hwframe+0x46/0xb0 </TASK> kobject_add_internal failed for mac80211_hwsim with -EEXIST, don't try to register things with the same name in the same directory.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | cebf8fd16900fdfd58c0028617944f808f97fe50 < 8d389e363075c2e1deb84a560686ea92123e4b8b | affected |
| Linux | Linux | cebf8fd16900fdfd58c0028617944f808f97fe50 < d1dbff10c6cd3b43457f3efd3c9c4950009635bf | affected |
| Linux | Linux | cebf8fd16900fdfd58c0028617944f808f97fe50 < f39d21154db87545d8f0b25d13c326f37cc32239 | affected |
| Linux | Linux | cebf8fd16900fdfd58c0028617944f808f97fe50 < 6977b1a5d67097eaa4d02b0c126c04cc6e8917c0 | affected |
| Linux | Linux | e7f6e3c9db4b6f259c89fd05728d024ab32acd71 | affected |
| Linux | Linux | a93a63333dbdb182b87e8cc99df8b4474f867acb | affected |
| Linux | Linux | 37de955c11b59050346e530143c20b10b4846527 | affected |
| Linux | Linux | 645897231f960590220144b06d1f994b7eb88326 | affected |
| Linux | Linux | 3.10.105 < 3.11 | affected |
| Linux | Linux | 3.12.70 < 3.13 | affected |
| Linux | Linux | 4.4.40 < 4.5 | affected |
| Linux | Linux | 4.8.16 < 4.9 | affected |
| Linux | Linux | 4.9 | affected |
| Linux | Linux | 0 < 4.9 | unaffected |
| Linux | Linux | 5.15.99 <= 5.15.* | unaffected |
| Linux | Linux | 6.1.16 <= 6.1.* | unaffected |
| Linux | Linux | 6.2.3 <= 6.2.* | unaffected |
| Linux | Linux | 6.3 <= * | unaffected |
Weaknesses
References
- https://git.kernel.org/stable/c/8d389e363075c2e1deb84a560686ea92123e4b8b
- https://git.kernel.org/stable/c/d1dbff10c6cd3b43457f3efd3c9c4950009635bf
- https://git.kernel.org/stable/c/f39d21154db87545d8f0b25d13c326f37cc32239
- https://git.kernel.org/stable/c/6977b1a5d67097eaa4d02b0c126c04cc6e8917c0
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.