| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025120904-CVE-2023-53858-87d4@gregkh> Date: Tue, 9 Dec 2025 10:31:42 +0900 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...nel.org> Subject: CVE-2023-53858: tty: serial: samsung_tty: Fix a memory leak in s3c24xx_serial_getclk() in case of error From: Greg Kroah-Hartman <gregkh@...nel.org> Description =========== In the Linux kernel, the following vulnerability has been resolved: tty: serial: samsung_tty: Fix a memory leak in s3c24xx_serial_getclk() in case of error If clk_get_rate() fails, the clk that has just been allocated needs to be freed. The Linux kernel CVE team has assigned CVE-2023-53858 to this issue. Affected and fixed versions =========================== Issue introduced in 3.3 with commit 5f5a7a5578c5885201cf9c85856f023fe8b81765 and fixed in 4.14.322 with commit 755289d67eb9a74ae71bb624902e979c66859444 Issue introduced in 3.3 with commit 5f5a7a5578c5885201cf9c85856f023fe8b81765 and fixed in 4.19.291 with commit f47e6631a8fcc6fe05b8644aa4222a60f3b0a927 Issue introduced in 3.3 with commit 5f5a7a5578c5885201cf9c85856f023fe8b81765 and fixed in 5.4.251 with commit 30962268fa1a7466413b3d83037688129021d470 Issue introduced in 3.3 with commit 5f5a7a5578c5885201cf9c85856f023fe8b81765 and fixed in 5.10.188 with commit a49e5a05121c8bc471a57b4916c5393749c24de5 Issue introduced in 3.3 with commit 5f5a7a5578c5885201cf9c85856f023fe8b81765 and fixed in 5.15.121 with commit 073dbbe5743779faf24f233cc95459b47c7198dd Issue introduced in 3.3 with commit 5f5a7a5578c5885201cf9c85856f023fe8b81765 and fixed in 6.1.40 with commit 34f5b826dd509b76644f83094b4af7e7668a6a38 Issue introduced in 3.3 with commit 5f5a7a5578c5885201cf9c85856f023fe8b81765 and fixed in 6.4.5 with commit 1694fc8ad734e2909a9e40d2be03cc4423e0bee6 Issue introduced in 3.3 with commit 5f5a7a5578c5885201cf9c85856f023fe8b81765 and fixed in 6.5 with commit a9c09546e903f1068acfa38e1ee18bded7114b37 Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2023-53858 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: drivers/tty/serial/samsung_tty.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/755289d67eb9a74ae71bb624902e979c66859444 https://git.kernel.org/stable/c/f47e6631a8fcc6fe05b8644aa4222a60f3b0a927 https://git.kernel.org/stable/c/30962268fa1a7466413b3d83037688129021d470 https://git.kernel.org/stable/c/a49e5a05121c8bc471a57b4916c5393749c24de5 https://git.kernel.org/stable/c/073dbbe5743779faf24f233cc95459b47c7198dd https://git.kernel.org/stable/c/34f5b826dd509b76644f83094b4af7e7668a6a38 https://git.kernel.org/stable/c/1694fc8ad734e2909a9e40d2be03cc4423e0bee6 https://git.kernel.org/stable/c/a9c09546e903f1068acfa38e1ee18bded7114b37
Powered by blists - more mailing lists