CVE-2023-54221

Summary

In the Linux kernel, the following vulnerability has been resolved:

clk: imx93: fix memory leak and missing unwind goto in imx93_clocks_probe

In function probe(), it returns directly without unregistered hws when error occurs.

Fix this by adding 'goto unregister_hws;' on line 295 and line 310.

Use devm_kzalloc() instead of kzalloc() to automatically free the memory using devm_kfree() when error occurs.

Replace of_iomap() with devm_of_iomap() to automatically handle the unused ioremap region and delete 'iounmap(anatop_base);' in unregister_hws.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux24defbe194b650218680fcd9dec8cd103537b531 < 280a5ff665e12d1e0c54c20cedc9c5008aa686a5affected
LinuxLinux24defbe194b650218680fcd9dec8cd103537b531 < fac9c624138c4bc021d7a8ee3b974c9e10926d92affected
LinuxLinux24defbe194b650218680fcd9dec8cd103537b531 < d17c16a2b2a6589c45b0bfb1b9914da80b72d89eaffected
LinuxLinux24defbe194b650218680fcd9dec8cd103537b531 < e02ba11b457647050cb16e7cad16cec3c252fadeaffected
LinuxLinux5.18affected
LinuxLinux0 < 5.18unaffected
LinuxLinux6.1.39 <= 6.1.*unaffected
LinuxLinux6.3.13 <= 6.3.*unaffected
LinuxLinux6.4.4 <= 6.4.*unaffected
LinuxLinux6.5 <= *unaffected

Weaknesses

References