CVE-2023-53264

Published: September 17, 2025Last modified: September 17, 2025

Description

In the Linux kernel, the following vulnerability has been resolved: clk: imx: clk-imxrt1050: fix memory leak in imxrt1050_clocks_probe Use devm_of_iomap() instead of of_iomap() to automatically handle the unused ioremap region. If any error occurs, regions allocated by kzalloc() will leak, but using devm_kzalloc() instead will automatically free the memory using devm_kfree(). Also, fix error handling of hws by adding unregister_hws label, which unregisters remaining hws when iomap failed.

Severity score breakdown

Parameter	Value
Base score	5.5
Attack Vector	LOCAL
Attack complexity	LOW
Privileges required	LOW
User interaction	NONE
Scope	UNCHANGED
Confidentiality	NONE
Integrity impact	NONE
Availability impact	HIGH
Vector	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Status

Product	Release	Package	Status
Alpaquita Linux	23 LTS	linux-lts	Fixed (6.1.42-r0)
	25 LTS	linux-lts	Not affected (6.6.89-r0)
	Stream	linux-lts	Fixed (6.6.58-r0)

References

https://git.kernel.org/stable/c/02e54db221bb001b32f839e0149ee8d890ab9aa1
https://git.kernel.org/stable/c/0fbdfd2542252e4c02e8158a06b7c0c9cfd40f99
https://git.kernel.org/stable/c/1839032251a66f2ae5a043c495532830a55d28c4
https://git.kernel.org/stable/c/1b280598ab3bd8a2dc8b96a12530d5b1ee7a8f4a