CVE-2023-52838 Affecting kernel-zfcpdump-modules-internal package, versions *
Threat Intelligence
EPSS
0.04% (14th
percentile)
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-RHEL9-KERNELZFCPDUMPMODULESINTERNAL-7029373
- published 23 May 2024
- disclosed 21 May 2024
How to fix?
There is no fixed version for RHEL:9 kernel-zfcpdump-modules-internal.
NVD Description
Note: Versions mentioned in the description apply only to the upstream kernel-zfcpdump-modules-internal package and not the kernel-zfcpdump-modules-internal package as distributed by RHEL.
See How to fix? for RHEL:9 relevant fixed versions and status.
In the Linux kernel, the following vulnerability has been resolved:
fbdev: imsttfb: fix a resource leak in probe
I've re-written the error handling but the bug is that if init_imstt() fails we need to call iounmap(par->cmap_regs).
References
- https://access.redhat.com/security/cve/CVE-2023-52838
- https://git.kernel.org/stable/c/18d26f9baca7d0d309303e3074a2252b8310884a
- https://git.kernel.org/stable/c/382e1931e0c9cd58a5a8519cdc6cd9dc4d82b485
- https://git.kernel.org/stable/c/6c66d737b2726ac7784269ddf32a31634f8f269d
- https://git.kernel.org/stable/c/7bc7b82fb2191b0d50a80ee4e27030918767dd1d
- https://git.kernel.org/stable/c/8e4b510fe91782522b7ca0ca881b663b5d35e513
- https://git.kernel.org/stable/c/a4dfebec32ec6d420a5506dd56a7834c91be28e4
- https://git.kernel.org/stable/c/aba6ab57a910ad4b940c2024d15f2cdbf5b7f76b
- https://git.kernel.org/stable/c/b346a531159d08c564a312a9eaeea691704f3c00
CVSS Scores
version 3.1