PT-2025-43101 · Linux+1 · Linux Kernel+1

Published 2023-02-03 · Updated 2025-12-04 · CVE-2023-53700

CVSS v2.0: 4.6 Medium

Vector: AV:L/AC:L/Au:S/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions

Linux kernel (affected versions not specified)

Description

The Linux kernel contains a memory leak in the max9286_v4l2_register() function within the media subsystem. The leak occurs when testing the media/i2c/max9286.c file with a bpf mock device. Specifically, the function calls v4l2_ctrl_new_std() but does not free the created v4l2_ctrl when fwnode_graph_get_endpoint_by_id() fails, resulting in a memory leak. The leak shows up as unreferenced objects reported in the kernel debugfs file /sys/kernel/debug/kmemleak. The backtrace includes kmalloc_node, kvmalloc_node, v4l2_ctrl_new, v4l2_ctrl_new_std, max9286_probe, i2c_device_probe, and other functions related to device probing and initialization.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Memory Leak

Weakness Enumeration

Related Identifiers

BDU:2026-03791
CVE-2023-53700
SUSE-SU-2025:4111-1
SUSE-SU-2025:4139-1
SUSE-SU-2025:4149-1
SUSE-SU-2025:4320-1

Affected Products

Linux Kernel
Suse