CVE-2023-52684

MEDIUM

Linux Kernel < 6.7.2 - Memory Leak

Title source: rule

Description

In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: qseecom: fix memory leaks in error paths Fix instances of returning error codes directly instead of jumping to the relevant labels where memory allocated for the SCM calls would be freed.

References (2)

[Patch] https://git.kernel.org/stable/c/6c57d7b593c4a4e60db65d5ce0fe1d9f79ccbe9b

[Patch] https://git.kernel.org/stable/c/85fdbf6840455be64eac16bdfe0df3368ee3d0f0

Scores

CVSS v3 5.5

EPSS 0.0002

EPSS Percentile 4.9%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Classification

CWE

CWE-401

Status published

Affected Products (1)

linux/linux_kernel < 6.7.2

Timeline

Published May 17, 2024

Tracked Since Feb 18, 2026