Resource Leak in Linux Kernel Driver Core
CVE-2023-53594
What is CVE-2023-53594?
A resource leak vulnerability exists in the device_add function in the Linux kernel, specifically when the kobject_add function fails. The failure in kobject_add leads to a situation where the parent object of a device is incorrectly set to NULL, resulting in unfreed resources during cleanup operations. This bug can lead to issues when attempting to insmod mac80211_hwsim.ko, triggering error messages related to duplicate filenames in sysfs. The flaw highlights potential problems in module loading and device creation, impacting the stability and functionality of the kernel's device management system.
Affected Version(s)
Linux cebf8fd16900fdfd58c0028617944f808f97fe50 < 8d389e363075c2e1deb84a560686ea92123e4b8b
Linux cebf8fd16900fdfd58c0028617944f808f97fe50
Linux cebf8fd16900fdfd58c0028617944f808f97fe50