CVE-2023-52838 Affecting cluster-md-kmp-default package, versions <6.4.0-150600.23.14.2
Threat Intelligence
EPSS
0.04% (14th
percentile)
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-SLES156-CLUSTERMDKMPDEFAULT-7550145
- published 23 Jul 2024
- disclosed 22 Jul 2024
Introduced: 22 Jul 2024
CVE-2023-52838 Open this link in a new tabHow to fix?
Upgrade SLES:15.6 cluster-md-kmp-default to version 6.4.0-150600.23.14.2 or higher.
NVD Description
Note: Versions mentioned in the description apply only to the upstream cluster-md-kmp-default package and not the cluster-md-kmp-default package as distributed by SLES.
See How to fix? for SLES:15.6 relevant fixed versions and status.
In the Linux kernel, the following vulnerability has been resolved:
fbdev: imsttfb: fix a resource leak in probe
I've re-written the error handling but the bug is that if init_imstt() fails we need to call iounmap(par->cmap_regs).
References
- https://www.suse.com/security/cve/CVE-2023-52838.html
- https://bugzilla.suse.com/1225031
- https://git.kernel.org/stable/c/18d26f9baca7d0d309303e3074a2252b8310884a
- https://git.kernel.org/stable/c/382e1931e0c9cd58a5a8519cdc6cd9dc4d82b485
- https://git.kernel.org/stable/c/6c66d737b2726ac7784269ddf32a31634f8f269d
- https://git.kernel.org/stable/c/7bc7b82fb2191b0d50a80ee4e27030918767dd1d
- https://git.kernel.org/stable/c/8e4b510fe91782522b7ca0ca881b663b5d35e513
- https://git.kernel.org/stable/c/a4dfebec32ec6d420a5506dd56a7834c91be28e4
- https://git.kernel.org/stable/c/aba6ab57a910ad4b940c2024d15f2cdbf5b7f76b
- https://git.kernel.org/stable/c/b346a531159d08c564a312a9eaeea691704f3c00
CVSS Scores
version 3.1