CVE-2023-53719

In the Linux kernel, the following vulnerability has been resolved:

serial: arc_uart: fix of_iomap leak in `arc_serial_probe`

Smatch reports:

drivers/tty/serial/arc_uart.c:631 arc_serial_probe() warn:
'port->membase' from of_iomap() not released on lines: 631.

In arc_serial_probe(), if uart_add_one_port() fails,
port->membase is not released, which would cause a resource leak.

To fix this, I replace of_iomap with devm_platform_ioremap_resource.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
UNKNOWN
---
LinuxCNA
---
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 8%
Debian logo
Debian Releases
Debian Product
Codename
linux
bullseye
5.10.223-1
fixed
bullseye (security)
5.10.244-1
fixed
bookworm
6.1.148-1
fixed
bookworm (security)
6.1.153-1
fixed
trixie
6.12.43-1
fixed
trixie (security)
6.12.48-1
fixed
forky
6.16.9-1
fixed
sid
6.16.12-2
fixed
References
https://git.kernel.org/stable/c/081790eee6b47389a0d895262086d64c6a38d6e5
https://git.kernel.org/stable/c/153017561d2804cfae87cc9aa377aa84dd906ae1
https://git.kernel.org/stable/c/3f00df24a5021a6f02c1830a290acd4bceb22a2d
https://git.kernel.org/stable/c/40a462313ba4f337a2b419e7fb4a670f3dd95e14
https://git.kernel.org/stable/c/7525aa211758cc023a371e010d16ceaae1057807
https://git.kernel.org/stable/c/8ab5fc55d7f65d58a3c3aeadf11bdf60267cd2bd
https://git.kernel.org/stable/c/f76a18e53a66c0ef2938276110717b3805720cd9