CVE-2023-52663
MEDIUMLinux Kernel < 6.6.23 - Memory Leak
Title source: ruleDescription
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: amd: Fix memory leak in amd_sof_acp_probe() Driver uses kasprintf() to initialize fw_{code,data}_bin members of struct acp_dev_data, but kfree() is never called to deallocate the memory, which results in a memory leak. Fix the issue by switching to devm_kasprintf(). Additionally, ensure the allocation was successful by checking the pointer validity.
References (4)
Scores
CVSS v3
5.5
EPSS
0.0002
EPSS Percentile
4.2%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Classification
CWE
CWE-401
Status
published
Affected Products (1)
linux/linux_kernel
< 6.6.23
Timeline
Published
May 17, 2024
Tracked Since
Feb 18, 2026