CVE-2023-54020

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains a memory leak in the dmaengine subsystem, specifically within the sf-pdma driver. A change introduced by commit b2cc5c465c2c altered the behavior of the sf pdma prep dma memcpy() function to unconditionally allocate a new sf pdma desc each time it is called. However, the corresponding sf pdma free desc() function was not updated to handle this new behavior, resulting in memory leaks each time sf pdma prep dma memcpy() is invoked. This can lead to memory starvation over time. The backtrace indicates the issue occurs within the irq/39-mchp dsc process. The fix involves adding a missing kfree() call to sf pdma free desc() and removing the redundant in use flag.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.