CVE-2023-53674

Summary

In the Linux kernel, the following vulnerability has been resolved:

clk: Fix memory leak in devm_clk_notifier_register()

devm_clk_notifier_register() allocates a devres resource for clk notifier but didn't register that to the device, so the notifier didn't get unregistered on device detach and the allocated resource was leaked.

Fix the issue by registering the resource through devres_add().

This issue was found with kmemleak on a Chromebook.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux6d30d50d037dfa092f9d5d1fffa348ab4abb7163 < a326cf0107b197e649bbaa2a2b1355894826ce32affected
LinuxLinux6d30d50d037dfa092f9d5d1fffa348ab4abb7163 < 49451db71b746df990888068961f1033f7c9b734affected
LinuxLinux6d30d50d037dfa092f9d5d1fffa348ab4abb7163 < cb1b04fd4283fc8f9acefe0ddc61ba072ed44877affected
LinuxLinux6d30d50d037dfa092f9d5d1fffa348ab4abb7163 < efbbda79b2881a04dcd0e8f28634933d79e17e49affected
LinuxLinux6d30d50d037dfa092f9d5d1fffa348ab4abb7163 < 7fb933e56f77a57ef7cfc59fc34cbbf1b1fa31ffaffected
LinuxLinux5.11affected
LinuxLinux0 < 5.11unaffected
LinuxLinux5.15.121 <= 5.15.*unaffected
LinuxLinux6.1.39 <= 6.1.*unaffected
LinuxLinux6.3.13 <= 6.3.*unaffected
LinuxLinux6.4.4 <= 6.4.*unaffected
LinuxLinux6.5 <= *unaffected

Weaknesses

References