Memory Leak Vulnerability in Linux Kernel's Host1x Management
CVE-2023-53514
What is CVE-2023-53514?
A memory leak vulnerability was discovered in the Linux kernel's host1x subsystem. This issue arises from the failure to properly release device names allocated through the “dev_set_name()” function before the module unloading process. The root cause is the incorrect reference counting for kobjects initialized in specific contexts, leading to allocated names not being freed. To mitigate this issue, developers are advised to utilize “device_unregister()” to correctly unregister successfully added devices, and to call “put_device()” for not added devices. Additionally, a release function was implemented in the device structure to prevent warnings associated with empty release functions.
Affected Version(s)
Linux 8aa5bcb61612060429223d1fbb7a1c30a579fc1f < 958c6cbc32996c375af42db96ceba021a1959899
Linux 8aa5bcb61612060429223d1fbb7a1c30a579fc1f
Linux 8aa5bcb61612060429223d1fbb7a1c30a579fc1f < 3ab0f5ddb761270b11d8c90b8550a59666cfc9bb