SB2025123088 - Memory leak in Linux kernel amba driver

Description

This security bulletin contains information about 1 security vulnerability.

1) Memory leak (CVE-ID: CVE-2023-54230)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the amba_device_release() function in drivers/amba/bus.c. A local user can perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

• https://git.kernel.org/stable/c/03db4fe7917bb160eeccf3968835475fa32b7e10
• https://git.kernel.org/stable/c/206fadb7278ceac7593dd0b945a77b9df856a674
• https://git.kernel.org/stable/c/4f1807fddd9bf175ee5e14fffc6b6106e4b297ef
• https://git.kernel.org/stable/c/81ff633a88be2482c163d3acd2801d501261ce6a
• https://git.kernel.org/stable/c/8b60a706166de5de82314494704c2419e7657bf8
• https://git.kernel.org/stable/c/9062ce0ccbd82fbe81cc839a512c0ad90847e01c
• https://git.kernel.org/stable/c/94e398df32e850f26828690ee62f7441979583cc
• https://git.kernel.org/stable/c/9baf2278b3eed2c50112169121257d8a6ee0606c
• https://git.kernel.org/stable/c/e312cbdc11305568554a9e18a2ea5c2492c183f3
• https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.326
• https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.295
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.195
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.132
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.257
• https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.53
• https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.4.16
• https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.5.3
• https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6