CVE-2023-54017

Summary

In the Linux kernel, the following vulnerability has been resolved:

powerpc/pseries: fix possible memory leak in ibmebus_bus_init()

If device_register() returns error in ibmebus_bus_init(), name of kobject which is allocated in dev_set_name() called in device_add() is leaked.

As comment of device_add() says, it should call put_device() to drop the reference count that was set in device_initialize() when it fails, so the name can be freed in kobject_cleanup().

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxd7a301033f1990188f65abf4fe8e5b90ef0e3888 < e4ff88548defafb1ef84facd9856ec252da7b008affected
LinuxLinuxd7a301033f1990188f65abf4fe8e5b90ef0e3888 < 3cc4c2f6c266fe5b33a7fa797f31e8b3f06ce58caffected
LinuxLinuxd7a301033f1990188f65abf4fe8e5b90ef0e3888 < 7ffe14fce7425c32e735bdc44bce425f18976a49affected
LinuxLinuxd7a301033f1990188f65abf4fe8e5b90ef0e3888 < 9f3b2b666833ebef6d0ce5a40e189f38e70342a1affected
LinuxLinuxd7a301033f1990188f65abf4fe8e5b90ef0e3888 < d35e7ae10eb8917883da2a0b1823c620a1be42d6affected
LinuxLinuxd7a301033f1990188f65abf4fe8e5b90ef0e3888 < 96f27ff732208dce6468016e7a7d5032bd1bfc23affected
LinuxLinuxd7a301033f1990188f65abf4fe8e5b90ef0e3888 < ebd8dc974fcc59e2851a0d89ee7935b55142dc8eaffected
LinuxLinuxd7a301033f1990188f65abf4fe8e5b90ef0e3888 < afda85b963c12947e298ad85d757e333aa40fd74affected
LinuxLinux2.6.16affected
LinuxLinux0 < 2.6.16unaffected
LinuxLinux4.14.326 <= 4.14.*unaffected
LinuxLinux4.19.295 <= 4.19.*unaffected
LinuxLinux5.4.257 <= 5.4.*unaffected
LinuxLinux5.10.197 <= 5.10.*unaffected
LinuxLinux5.15.133 <= 5.15.*unaffected
LinuxLinux6.1.55 <= 6.1.*unaffected
LinuxLinux6.5.5 <= 6.5.*unaffected
LinuxLinux6.6 <= *unaffected

Weaknesses

References