CVE-2023-54221

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A flaw exists in the Linux kernel related to memory management and resource handling within the imx93 clock driver. Specifically, the probe() function does not properly release hardware resources (hws) when an error occurs during initialization, leading to a memory leak. The issue arises from a direct return from the function without unregistering these resources. Additionally, the code lacks a proper unwind mechanism for error handling. The fix involves adding a 'goto unregister hws;' statement to ensure resource cleanup and utilizing devm kzalloc() and devm of iomap() for automatic memory and ioremap region management, respectively. The vulnerable function is probe().

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.