CVE-2023-54221

EUVD-2023-60420

30.12.2025, 13:16

In the Linux kernel, the following vulnerability has been resolved:

clk: imx93: fix memory leak and missing unwind goto in imx93_clocks_probe

In function probe(), it returns directly without unregistered hws
when error occurs.

Fix this by adding 'goto unregister_hws;' on line 295 and
line 310.

Use devm_kzalloc() instead of kzalloc() to automatically
free the memory using devm_kfree() when error occurs.

Replace of_iomap() with devm_of_iomap() to automatically
handle the unused ioremap region and delete 'iounmap(anatop_base);'
in unregister_hws.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	UNKNOWN				---

Awaiting analysis

This vulnerability is currently awaiting analysis.

Base Score

CVSS 3.x

EPSS Score

Percentile: Unknown

Debian Releases

Debian Product

Codename

linux

bookworm	6.1.148-1 fixed
bookworm (security)	6.1.158-1 fixed
bullseye	5.10.223-1 not-affected
bullseye (security)	5.10.247-1 fixed
forky	6.17.13-1 fixed
sid	6.17.13-1 fixed
trixie	6.12.57-1 fixed
trixie (security)	6.12.48-1 fixed

References

https://git.kernel.org/stable/c/280a5ff665e12d1e0c54c20cedc9c5008aa686a5

https://git.kernel.org/stable/c/d17c16a2b2a6589c45b0bfb1b9914da80b72d89e

https://git.kernel.org/stable/c/e02ba11b457647050cb16e7cad16cec3c252fade

https://git.kernel.org/stable/c/fac9c624138c4bc021d7a8ee3b974c9e10926d92