Memory Leak in Linux Kernel's NFC Implementation
CVE-2023-53298
Currently unrated
What is CVE-2023-53298?
A memory leak vulnerability exists in the NFC implementation of the Linux kernel. The callback context, responsible for handling APDUs to and from the secure element, may not be released in certain error scenarios, leading to a draining of memory resources. This occurs due to multiple error paths that bypass the function expected to free the associated cb_context. The issue has been mitigated in recent patches, which explicitly free the cb_context on the identified error paths to enhance system stability and security.
Affected Version(s)
Linux 5ce3f32b5264b337bfd13a780452a17705307725 < 5321da6d84b87a34eea441677d649c34bd854169
Linux 5ce3f32b5264b337bfd13a780452a17705307725
Linux 5ce3f32b5264b337bfd13a780452a17705307725 < 271eed1736426103335c5aac50f15b0f4d236bc0