CVE-2023-53704

Summary

In the Linux kernel, the following vulnerability has been resolved:

clk: imx: clk-imx8mp: improve error handling in imx8mp_clocks_probe()

Replace of_iomap() and kzalloc() with devm_of_iomap() and devm_kzalloc() which can automatically release the related memory when the device or driver is removed or unloaded to avoid potential memory leak.

In this case, iounmap(anatop_base) in line 427,433 are removed as manual release is not required.

Besides, referring to clk-imx8mq.c, check the return code of of_clk_add_hw_provider, if it returns negtive, print error info and unregister hws, which makes the program more robust.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux9c140d9926761b0f5d329ff6c09a1540f3d5e1d3 < cb047c13bbf9018693ae31f03a5a26b212d02f13affected
LinuxLinux9c140d9926761b0f5d329ff6c09a1540f3d5e1d3 < bcea444ab4c045864b55d67313833d606676602aaffected
LinuxLinux9c140d9926761b0f5d329ff6c09a1540f3d5e1d3 < 6317d0302655f7e854cd4f31e93b47d35cb058bbaffected
LinuxLinux9c140d9926761b0f5d329ff6c09a1540f3d5e1d3 < 5bcf140e9e6cf76f1f1bd1f489a14ca4d49f9a1aaffected
LinuxLinux9c140d9926761b0f5d329ff6c09a1540f3d5e1d3 < 92ce7629a11ae62292e1cfaa6132dab081fc80eeaffected
LinuxLinux9c140d9926761b0f5d329ff6c09a1540f3d5e1d3 < 878b02d5f3b56cb090dbe2c70c89273be144087faffected
LinuxLinux5.6affected
LinuxLinux0 < 5.6unaffected
LinuxLinux5.10.188 <= 5.10.*unaffected
LinuxLinux5.15.121 <= 5.15.*unaffected
LinuxLinux6.1.39 <= 6.1.*unaffected
LinuxLinux6.3.13 <= 6.3.*unaffected
LinuxLinux6.4.4 <= 6.4.*unaffected
LinuxLinux6.5 <= *unaffected

Weaknesses

References