PT-2024-14692 · Linux · Linux Kernel
Dan Carpenter
·
Published
2023-12-18
·
Updated
2024-11-06
·
CVE-2023-52684
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Linux kernel (affected versions not specified)
Description
The issue is related to memory leaks in error paths in the Linux kernel, specifically in the qseecom firmware component. The problem occurs when error codes are returned directly instead of jumping to the relevant labels where memory allocated for the SCM calls would be freed.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Memory Leak
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Linux Kernel