CVE-2023-53196

In the Linux kernel, the following vulnerability has been resolved:

usb: dwc3: qcom: Fix potential memory leak

Function dwc3_qcom_probe() allocates memory for resource structure
which is pointed by parent_res pointer. This memory is not
freed. This leads to memory leak. Use stack memory to prevent
memory leak.

Found by Linux Verification Center (linuxtesting.org) with SVACE.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
LinuxCNA
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 3%
VendorProductVersion
linuxlinux_kernel
5.3 ≤
𝑥
< 5.4.251
linuxlinux_kernel
5.5 ≤
𝑥
< 5.10.188
linuxlinux_kernel
5.11 ≤
𝑥
< 5.15.121
linuxlinux_kernel
5.16 ≤
𝑥
< 6.1.39
linuxlinux_kernel
6.2 ≤
𝑥
< 6.4.4
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
linux
bullseye
5.10.223-1
fixed
bullseye (security)
5.10.237-1
fixed
bookworm
6.1.148-1
fixed
bookworm (security)
6.1.147-1
fixed
trixie
6.12.43-1
fixed
trixie (security)
6.12.41-1
fixed
forky
6.16.3-1
fixed
sid
6.16.7-1
fixed
Common Weakness Enumeration
References
https://git.kernel.org/stable/c/097fb3ee710d4de83b8d4f5589e8ee13e0f0541e
https://git.kernel.org/stable/c/134a7d4642f11daed6bbc378f930a54dd0322291
https://git.kernel.org/stable/c/648a163cff21ea355c8765e882ba8bf66a870a3e
https://git.kernel.org/stable/c/74f8606ddfa450d2255b4e61472a7632def1e8c4
https://git.kernel.org/stable/c/b626cd5e4a87a281629e0c2b07519990077c0fbe
https://git.kernel.org/stable/c/c3b322b84ab5dda7eaca9ded763628b7467734f4