CVE-2023-53594

In the Linux kernel, the following vulnerability has been resolved:

driver core: fix resource leak in device_add()

When calling kobjectadd() failed in deviceadd(), it will call cleanupgluedir() to free resource. But in kobject_add(), dev->kobj.parent has been set to NULL. This will cause resource leak.

The process is as follows: deviceadd() getdeviceparent() classdircreateandadd() kobjectadd() //kobjectget() ... dev->kobj.parent = kobj; ... kobjectadd() //failed, but set dev->kobj.parent = NULL ... gluedir = getgluedir(dev) //gluedir = NULL, and goto //"Error" label ... cleanupgluedir() //becaues gluedir is NULL, not call //kobjectput()

The preceding problem may cause insmod mac80211hwsim.ko to failed. sysfs: cannot create duplicate filename '/devices/virtual/mac80211hwsim' Call Trace: <TASK> dumpstacklvl+0x8e/0xd1 sysfswarndup.cold+0x1c/0x29 sysfscreatedirns+0x224/0x280 kobjectaddinternal+0x2aa/0x880 kobjectadd+0x135/0x1a0 getdeviceparent+0x3d7/0x590 deviceadd+0x2aa/0x1cb0 devicecreategroupsvargs+0x1eb/0x260 devicecreate+0xdc/0x110 mac80211hwsimnewradio+0x31e/0x4790 [mac80211hwsim] initmac80211hwsim+0x48d/0x1000 [mac80211hwsim] dooneinitcall+0x10f/0x630 doinitmodule+0x19f/0x5e0 load_module+0x64b7/0x6eb0 __dosysfinitmodule+0x140/0x200 dosyscall64+0x35/0x80 entrySYSCALL64afterhwframe+0x46/0xb0 </TASK> kobjectaddinternal failed for mac80211hwsim with -EEXIST, don't try to register things with the same name in the same directory.