CVE-2023-53719

Summary

In the Linux kernel, the following vulnerability has been resolved:

serial: arc_uart: fix of_iomap leak in arc_serial_probe

Smatch reports:

drivers/tty/serial/arc_uart.c:631 arc_serial_probe() warn: 'port->membase' from of_iomap() not released on lines: 631.

In arc_serial_probe(), if uart_add_one_port() fails, port->membase is not released, which would cause a resource leak.

To fix this, I replace of_iomap with devm_platform_ioremap_resource.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux8dbe1d5e09a7faec8d22cadcc1011acab8fa6e2a < 3f00df24a5021a6f02c1830a290acd4bceb22a2daffected
LinuxLinux8dbe1d5e09a7faec8d22cadcc1011acab8fa6e2a < 7525aa211758cc023a371e010d16ceaae1057807affected
LinuxLinux8dbe1d5e09a7faec8d22cadcc1011acab8fa6e2a < 153017561d2804cfae87cc9aa377aa84dd906ae1affected
LinuxLinux8dbe1d5e09a7faec8d22cadcc1011acab8fa6e2a < f76a18e53a66c0ef2938276110717b3805720cd9affected
LinuxLinux8dbe1d5e09a7faec8d22cadcc1011acab8fa6e2a < 081790eee6b47389a0d895262086d64c6a38d6e5affected
LinuxLinux8dbe1d5e09a7faec8d22cadcc1011acab8fa6e2a < 40a462313ba4f337a2b419e7fb4a670f3dd95e14affected
LinuxLinux8dbe1d5e09a7faec8d22cadcc1011acab8fa6e2a < 8ab5fc55d7f65d58a3c3aeadf11bdf60267cd2bdaffected
LinuxLinux3.17affected
LinuxLinux0 < 3.17unaffected
LinuxLinux4.19.284 <= 4.19.*unaffected
LinuxLinux5.4.244 <= 5.4.*unaffected
LinuxLinux5.10.181 <= 5.10.*unaffected
LinuxLinux5.15.113 <= 5.15.*unaffected
LinuxLinux6.1.30 <= 6.1.*unaffected
LinuxLinux6.3.4 <= 6.3.*unaffected
LinuxLinux6.4 <= *unaffected

Weaknesses

References