CVE-2023-54091
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
drm/client: Fix memory leak in drm_client_target_cloned
dmt_mode is allocated and never freed in this function. It was found with the ast driver, but most drivers using generic fbdev setup are probably affected.
This fixes the following kmemleak report: backtrace: [<00000000b391296d>] drm_mode_duplicate+0x45/0x220 [drm] [<00000000e45bb5b3>] drm_client_target_cloned.constprop.0+0x27b/0x480 [drm] [<00000000ed2d3a37>] drm_client_modeset_probe+0x6bd/0xf50 [drm] [<0000000010e5cc9d>] __drm_fb_helper_initial_config_and_unlock+0xb4/0x2c0 [drm_kms_helper] [<00000000909f82ca>] drm_fbdev_client_hotplug+0x2bc/0x4d0 [drm_kms_helper] [<00000000063a69aa>] drm_client_register+0x169/0x240 [drm] [<00000000a8c61525>] ast_pci_probe+0x142/0x190 [ast] [<00000000987f19bb>] local_pci_probe+0xdc/0x180 [<000000004fca231b>] work_for_cpu_fn+0x4e/0xa0 [<0000000000b85301>] process_one_work+0x8b7/0x1540 [<000000003375b17c>] worker_thread+0x70a/0xed0 [<00000000b0d43cd9>] kthread+0x29f/0x340 [<000000008d770833>] ret_from_fork+0x1f/0x30 unreferenced object 0xff11000333089a00 (size 128):
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 1d42bbc8f7f9ce4d852692ef7aa336b133b0830a < d3009700f48602b557eade1f22c98b6bc20247e8 | affected |
| Linux | Linux | 1d42bbc8f7f9ce4d852692ef7aa336b133b0830a < a4b978249e8fa94956fce8b70a709f7797716f62 | affected |
| Linux | Linux | 1d42bbc8f7f9ce4d852692ef7aa336b133b0830a < 52daf6ba2e0d201640cb1ce42049c5c4426b4d6e | affected |
| Linux | Linux | 1d42bbc8f7f9ce4d852692ef7aa336b133b0830a < 105275879a80503686a8108af2f5c579a1c5aef4 | affected |
| Linux | Linux | 1d42bbc8f7f9ce4d852692ef7aa336b133b0830a < a85e23a1ef63e45a18f0a30d7816fcb4a865ca95 | affected |
| Linux | Linux | 1d42bbc8f7f9ce4d852692ef7aa336b133b0830a < b5359d7a5087ac398fc429da6833133b4784c268 | affected |
| Linux | Linux | 1d42bbc8f7f9ce4d852692ef7aa336b133b0830a < 4b596a6e2d2e0f9c14e4122506dd715f43fcd727 | affected |
| Linux | Linux | 1d42bbc8f7f9ce4d852692ef7aa336b133b0830a < c2a88e8bdf5f6239948d75283d0ae7e0c7945b03 | affected |
| Linux | Linux | 2.6.35 | affected |
| Linux | Linux | 0 < 2.6.35 | unaffected |
| Linux | Linux | 4.14.322 <= 4.14.* | unaffected |
| Linux | Linux | 4.19.291 <= 4.19.* | unaffected |
| Linux | Linux | 5.4.251 <= 5.4.* | unaffected |
| Linux | Linux | 5.10.188 <= 5.10.* | unaffected |
| Linux | Linux | 5.15.123 <= 5.15.* | unaffected |
| Linux | Linux | 6.1.42 <= 6.1.* | unaffected |
| Linux | Linux | 6.4.7 <= 6.4.* | unaffected |
| Linux | Linux | 6.5 <= * | unaffected |
Weaknesses
References
- https://git.kernel.org/stable/c/d3009700f48602b557eade1f22c98b6bc20247e8
- https://git.kernel.org/stable/c/a4b978249e8fa94956fce8b70a709f7797716f62
- https://git.kernel.org/stable/c/52daf6ba2e0d201640cb1ce42049c5c4426b4d6e
- https://git.kernel.org/stable/c/105275879a80503686a8108af2f5c579a1c5aef4
- https://git.kernel.org/stable/c/a85e23a1ef63e45a18f0a30d7816fcb4a865ca95
- https://git.kernel.org/stable/c/b5359d7a5087ac398fc429da6833133b4784c268
- https://git.kernel.org/stable/c/4b596a6e2d2e0f9c14e4122506dd715f43fcd727
- https://git.kernel.org/stable/c/c2a88e8bdf5f6239948d75283d0ae7e0c7945b03
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.