CVE-2023-54319

Summary

In the Linux kernel, the following vulnerability has been resolved:

pinctrl: at91-pio4: check return value of devm_kasprintf()

devm_kasprintf() returns a pointer to dynamically allocated memory. Pointer could be NULL in case allocation fails. Check pointer validity. Identified with coccinelle (kmerr.cocci script).

Depends-on: 1c4e5c470a56 ("pinctrl: at91: use devm_kasprintf() to avoid potential leaks") Depends-on: 5a8f9cf269e8 ("pinctrl: at91-pio4: use proper format specifier for unsigned int")

Affected Software

VendorProductVersion RangeStatus
LinuxLinux776180848b574c9c01217fa958f10843ffce584f < 8d788f2ba830d6d32499b198c526d577c590eedfaffected
LinuxLinux776180848b574c9c01217fa958f10843ffce584f < 3e8ce1d5a1a9d758b359e5c426543957f35991f8affected
LinuxLinux776180848b574c9c01217fa958f10843ffce584f < aa3932eb07392d626486428e2ffddc660658e22aaffected
LinuxLinux776180848b574c9c01217fa958f10843ffce584f < f3c7b95c9991dab02e616fc251b6c3516e0bd0acaffected
LinuxLinux776180848b574c9c01217fa958f10843ffce584f < 0a95dd17a73b7603818ad7c46c99d757232be331affected
LinuxLinux776180848b574c9c01217fa958f10843ffce584f < 0af388fce352ed2ab383fd5d1a08db551ca15c38affected
LinuxLinux776180848b574c9c01217fa958f10843ffce584f < 5bfd577cc728270d6cd7af6c652a1e7661f25487affected
LinuxLinux776180848b574c9c01217fa958f10843ffce584f < 8a1fa202f47f39680a4305af744f499a324f8a03affected
LinuxLinux776180848b574c9c01217fa958f10843ffce584f < f6fd5d4ff8ca0b24cee1af4130bcb1fa96b61aa0affected
LinuxLinux4.4affected
LinuxLinux0 < 4.4unaffected
LinuxLinux4.14.322 <= 4.14.*unaffected
LinuxLinux4.19.291 <= 4.19.*unaffected
LinuxLinux5.4.251 <= 5.4.*unaffected
LinuxLinux5.10.188 <= 5.10.*unaffected
LinuxLinux5.15.121 <= 5.15.*unaffected
LinuxLinux6.1.39 <= 6.1.*unaffected
LinuxLinux6.3.13 <= 6.3.*unaffected
LinuxLinux6.4.4 <= 6.4.*unaffected
LinuxLinux6.5 <= *unaffected

Weaknesses

References