CVE-2023-54208
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
media: ov5675: Fix memleak in ov5675_init_controls()
There is a kmemleak when testing the media/i2c/ov5675.c with bpf mock device:
AssertionError: unreferenced object 0xffff888107362160 (size 16): comm "python3", pid 277, jiffies 4294832798 (age 20.722s) hex dump (first 16 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ……………. backtrace: [<00000000abe7d67c>] __kmalloc_node+0x44/0x1b0 [<000000008a725aac>] kvmalloc_node+0x34/0x180 [<000000009a53cd11>] v4l2_ctrl_handler_init_class+0x11d/0x180 [videodev] [<0000000055b46db0>] ov5675_probe+0x38b/0x897 [ov5675] [<00000000153d886c>] i2c_device_probe+0x28d/0x680 [<000000004afb7e8f>] really_probe+0x17c/0x3f0 [<00000000ff2f18e4>] __driver_probe_device+0xe3/0x170 [<000000000a001029>] driver_probe_device+0x49/0x120 [<00000000e39743c7>] __device_attach_driver+0xf7/0x150 [<00000000d32fd070>] bus_for_each_drv+0x114/0x180 [<000000009083ac41>] __device_attach+0x1e5/0x2d0 [<0000000015b4a830>] bus_probe_device+0x126/0x140 [<000000007813deaf>] device_add+0x810/0x1130 [<000000007becb867>] i2c_new_client_device+0x386/0x540 [<000000007f9cf4b4>] of_i2c_register_device+0xf1/0x110 [<00000000ebfdd032>] of_i2c_notify+0xfc/0x1f0
ov5675_init_controls() won't clean all the allocated resources in fail path, which may causes the memleaks. Add v4l2_ctrl_handler_free() to prevent memleak.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | bf27502b1f3bf8095bf81736e506d354a2ce9ec4 < 086a80b842bcb621d6c4eedad20683f1f674d0c2 | affected |
| Linux | Linux | bf27502b1f3bf8095bf81736e506d354a2ce9ec4 < bcae9115a163198dce9126aa8bedc1c007ec30ed | affected |
| Linux | Linux | bf27502b1f3bf8095bf81736e506d354a2ce9ec4 < ba54908ae8225d58f1830edb394d4153bcb7d0aa | affected |
| Linux | Linux | bf27502b1f3bf8095bf81736e506d354a2ce9ec4 < 49b849824b9862f177fc77fc92ef95ec54566ecf | affected |
| Linux | Linux | bf27502b1f3bf8095bf81736e506d354a2ce9ec4 < 7a36a6be694df87d019663863b922913947b42af | affected |
| Linux | Linux | bf27502b1f3bf8095bf81736e506d354a2ce9ec4 < dd74ed6c213003533e3abf4c204374ef01d86978 | affected |
| Linux | Linux | 5.4 | affected |
| Linux | Linux | 0 < 5.4 | unaffected |
| Linux | Linux | 5.4.235 <= 5.4.* | unaffected |
| Linux | Linux | 5.10.173 <= 5.10.* | unaffected |
| Linux | Linux | 5.15.99 <= 5.15.* | unaffected |
| Linux | Linux | 6.1.16 <= 6.1.* | unaffected |
| Linux | Linux | 6.2.3 <= 6.2.* | unaffected |
| Linux | Linux | 6.3 <= * | unaffected |
Weaknesses
References
- https://git.kernel.org/stable/c/086a80b842bcb621d6c4eedad20683f1f674d0c2
- https://git.kernel.org/stable/c/bcae9115a163198dce9126aa8bedc1c007ec30ed
- https://git.kernel.org/stable/c/ba54908ae8225d58f1830edb394d4153bcb7d0aa
- https://git.kernel.org/stable/c/49b849824b9862f177fc77fc92ef95ec54566ecf
- https://git.kernel.org/stable/c/7a36a6be694df87d019663863b922913947b42af
- https://git.kernel.org/stable/c/dd74ed6c213003533e3abf4c204374ef01d86978
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.