CVE-2023-53746

The device release callback function invoked to release the matrix device uses the devgetdrvdata(device *dev) function to retrieve the pointer to the vfiomatrixdev object in order to free its storage. The problem is, this object is not stored as drvdata with the device; since the kfree function will accept a NULL pointer, the memory for the vfiomatrixdev object is never freed.

Since the device being released is contained within the vfiomatrixdev object, the container_of macro will be used to retrieve its pointer.

Database specific

{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53746.json",
    "cna_assigner": "Linux"
}

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

1fde573413b549d52183382e639c1d6ce88f5959

Fixed

5195de1d5f66b276683240a896783f7f43c4f664

Fixed

ee17dea3072dec0bc34399a32fa884e26342e4ea

Fixed

aa2bff25e9bb10c935c7ffe3d5f5975bdccb1749

Fixed

6a40fda14b4be3e38f03cc42ffd4efbc64fb3e67

Fixed

7b6a02f5bf15931464c79dfd487c57f76aae3496

Fixed

8f8cf767589f2131ae5d40f3758429095c701c84

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53746.json"

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

4.20.0

Fixed

5.4.240

Type: ECOSYSTEM
Events: Introduced

5.5.0

Fixed

5.10.177

Type: ECOSYSTEM
Events: Introduced

5.11.0

Fixed

5.15.106

Type: ECOSYSTEM
Events: Introduced

5.16.0

Fixed

6.1.23

Type: ECOSYSTEM
Events: Introduced

6.2.0

Fixed

6.2.10

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53746.json"