CVE-2023-52838

MEDIUM

Linux Kernel 4.14.322-4.15 - Use-After-Free in imsttfb Probe

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: fbdev: imsttfb: fix a resource leak in probe I've re-written the error handling but the bug is that if init_imstt() fails we need to call iounmap(par->cmap_regs).

References (8)

Core 8

Core References

Patch

https://git.kernel.org/stable/c/382e1931e0c9cd58a5a8519cdc6cd9dc4d82b485

Patch

https://git.kernel.org/stable/c/6c66d737b2726ac7784269ddf32a31634f8f269d

Patch

https://git.kernel.org/stable/c/a4dfebec32ec6d420a5506dd56a7834c91be28e4

Patch

https://git.kernel.org/stable/c/8e4b510fe91782522b7ca0ca881b663b5d35e513

Patch

https://git.kernel.org/stable/c/7bc7b82fb2191b0d50a80ee4e27030918767dd1d

Patch

https://git.kernel.org/stable/c/18d26f9baca7d0d309303e3074a2252b8310884a

Patch

https://git.kernel.org/stable/c/b346a531159d08c564a312a9eaeea691704f3c00

Patch

https://git.kernel.org/stable/c/aba6ab57a910ad4b940c2024d15f2cdbf5b7f76b

Scores

CVSS v3 6.2

EPSS 0.0025

EPSS Percentile 16.4%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-416

Status published

Products (28)

Linux/Linux < 6.4

Linux/Linux 2bf70b88cc358a437db376826f92c8dcf9c23587 - a4dfebec32ec6d420a5506dd56a7834c91be28e4

Linux/Linux 4.14.322 - 4.15

Linux/Linux 4.19.291 - 4.19.299

Linux/Linux 4.19.299 - 4.19.*

Linux/Linux 4c86974fb42281b8041a504d92ab341ad4697325

Linux/Linux 5.10.188 - 5.10.201

Linux/Linux 5.10.201 - 5.10.*

Linux/Linux 5.15.116 - 5.15.139

Linux/Linux 5.15.139 - 5.15.*

... and 18 more

Published May 21, 2024

Tracked Since Feb 18, 2026