CVE-2023-54221Missing Release of Resource after Effective Lifetime in Linux

CWE-772Missing Release of Resource after Effective Lifetime7 documents6 sources
Severity
3.3LOW
No vector
EPSS
0.0%
top 92.73%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedDec 30

Description

In the Linux kernel, the following vulnerability has been resolved: clk: imx93: fix memory leak and missing unwind goto in imx93_clocks_probe In function probe(), it returns directly without unregistered hws when error occurs. Fix this by adding 'goto unregister_hws;' on line 295 and line 310. Use devm_kzalloc() instead of kzalloc() to automatically free the memory using devm_kfree() when error occurs. Replace of_iomap() with devm_of_iomap() to automatically handle the unused ioremap region

Affected Packages4 packages

Linuxlinux/linux_kernel5.18.06.1.39+2
Debianlinux/linux_kernel< 6.1.52-1+2
CVEListV5linux/linux24defbe194b650218680fcd9dec8cd103537b531280a5ff665e12d1e0c54c20cedc9c5008aa686a5+4
debiandebian/linux< linux 6.1.52-1 (bookworm)

🔴Vulnerability Details

3
OSV
clk: imx93: fix memory leak and missing unwind goto in imx93_clocks_probe2025-12-30
OSV
CVE-2023-54221: In the Linux kernel, the following vulnerability has been resolved: clk: imx93: fix memory leak and missing unwind goto in imx93_clocks_probe In funct2025-12-30
GHSA
GHSA-c6v6-34rg-jgwv: In the Linux kernel, the following vulnerability has been resolved: clk: imx93: fix memory leak and missing unwind goto in imx93_clocks_probe In fun2025-12-30

📋Vendor Advisories

2
Red Hat
kernel: clk: imx93: fix memory leak and missing unwind goto in imx93_clocks_probe2025-12-30
Debian
CVE-2023-54221: linux - In the Linux kernel, the following vulnerability has been resolved: clk: imx93:...2023

🕵️Threat Intelligence

1
Wiz
CVE-2023-54221 Impact, Exploitability, and Mitigation Steps | Wiz