5.5
CVE-2023-53674
- EPSS 0.14%
- Veröffentlicht 07.10.2025 15:21:30
- Zuletzt bearbeitet 26.02.2026 23:15:35
- CVE-Watchlists
- Unerledigt
clk: Fix memory leak in devm_clk_notifier_register()
In the Linux kernel, the following vulnerability has been resolved: clk: Fix memory leak in devm_clk_notifier_register() devm_clk_notifier_register() allocates a devres resource for clk notifier but didn't register that to the device, so the notifier didn't get unregistered on device detach and the allocated resource was leaked. Fix the issue by registering the resource through devres_add(). This issue was found with kmemleak on a Chromebook.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linux ≫ Linux Kernel Version >= 5.11 < 5.15.121
Linux ≫ Linux Kernel Version >= 5.16 < 6.1.39
Linux ≫ Linux Kernel Version >= 6.2 < 6.3.13
Linux ≫ Linux Kernel Version >= 6.4 < 6.4.4
VulnDex Vulnerability Enrichment
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.14% | 0.033 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
|
CWE-401 Missing Release of Memory after Effective Lifetime
The product does not sufficiently track and release allocated memory after it has been used, making the memory unavailable for reallocation and reuse.
https://git.kernel.org/stable/c/a326cf0107b197e649bbaa2a2b1355894826ce32
https://git.kernel.org/stable/c/49451db71b746df990888068961f1033f7c9b734
https://git.kernel.org/stable/c/cb1b04fd4283fc8f9acefe0ddc61ba072ed44877
https://git.kernel.org/stable/c/efbbda79b2881a04dcd0e8f28634933d79e17e49
https://git.kernel.org/stable/c/7fb933e56f77a57ef7cfc59fc34cbbf1b1fa31ff