5.5

CVE-2023-53249

clk: imx: clk-imx8mn: fix memory leak in imx8mn_clocks_probe

In the Linux kernel, the following vulnerability has been resolved:

clk: imx: clk-imx8mn: fix memory leak in imx8mn_clocks_probe

Use devm_of_iomap() instead of of_iomap() to automatically handle
the unused ioremap region.

If any error occurs, regions allocated by kzalloc() will leak,
but using devm_kzalloc() instead will automatically free the memory
using devm_kfree().
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.4 < 5.10.188
LinuxLinux Kernel Version >= 5.11 < 5.15.121
LinuxLinux Kernel Version >= 5.16 < 6.1.39
LinuxLinux Kernel Version >= 6.2 < 6.3.13
LinuxLinux Kernel Version >= 6.4 < 6.4.4
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.14% 0.033
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-401 Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.

https://git.kernel.org/stable/c/294321349bd3b0680847fc2bbe66b9ab3e522fea
Patch
https://git.kernel.org/stable/c/50b5ddde8fad5f0ffd239029d0956af633a0f9b1
Patch
https://git.kernel.org/stable/c/9ba3693b0350b154fdd7830559bbc7b04c067096
Patch
https://git.kernel.org/stable/c/9428cf0fbf4be9a24f3e15a0c166b861b12666af
Patch
https://git.kernel.org/stable/c/d4fa5e47af1e7bb2bbcaac062b14216c00e92148
Patch
https://git.kernel.org/stable/c/188d070de9132667956f5aadd98d2bd87d3eac89
Patch