CVE-2023-54221

medium

Description

In the Linux kernel, the following vulnerability has been resolved: clk: imx93: fix memory leak and missing unwind goto in imx93_clocks_probe In function probe(), it returns directly without unregistered hws when error occurs. Fix this by adding 'goto unregister_hws;' on line 295 and line 310. Use devm_kzalloc() instead of kzalloc() to automatically free the memory using devm_kfree() when error occurs. Replace of_iomap() with devm_of_iomap() to automatically handle the unused ioremap region and delete 'iounmap(anatop_base);' in unregister_hws.

References

https://git.kernel.org/stable/c/fac9c624138c4bc021d7a8ee3b974c9e10926d92

https://git.kernel.org/stable/c/e02ba11b457647050cb16e7cad16cec3c252fade

https://git.kernel.org/stable/c/d17c16a2b2a6589c45b0bfb1b9914da80b72d89e

https://git.kernel.org/stable/c/280a5ff665e12d1e0c54c20cedc9c5008aa686a5

Details

Source: Mitre, NVD

Published: 2025-12-30

Updated: 2025-12-31

Risk Information

CVSS v2

Base Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Severity: High

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Severity: Medium

EPSS

EPSS: 0.00018