CVE-2023-54208 (GCVE-0-2023-54208)
Vulnerability from cvelistv5 – Published: 2025-12-30 12:11 – Updated: 2025-12-30 12:11
VLAI?
Title
media: ov5675: Fix memleak in ov5675_init_controls()
Summary
In the Linux kernel, the following vulnerability has been resolved:
media: ov5675: Fix memleak in ov5675_init_controls()
There is a kmemleak when testing the media/i2c/ov5675.c with bpf mock
device:
AssertionError: unreferenced object 0xffff888107362160 (size 16):
comm "python3", pid 277, jiffies 4294832798 (age 20.722s)
hex dump (first 16 bytes):
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
backtrace:
[<00000000abe7d67c>] __kmalloc_node+0x44/0x1b0
[<000000008a725aac>] kvmalloc_node+0x34/0x180
[<000000009a53cd11>] v4l2_ctrl_handler_init_class+0x11d/0x180
[videodev]
[<0000000055b46db0>] ov5675_probe+0x38b/0x897 [ov5675]
[<00000000153d886c>] i2c_device_probe+0x28d/0x680
[<000000004afb7e8f>] really_probe+0x17c/0x3f0
[<00000000ff2f18e4>] __driver_probe_device+0xe3/0x170
[<000000000a001029>] driver_probe_device+0x49/0x120
[<00000000e39743c7>] __device_attach_driver+0xf7/0x150
[<00000000d32fd070>] bus_for_each_drv+0x114/0x180
[<000000009083ac41>] __device_attach+0x1e5/0x2d0
[<0000000015b4a830>] bus_probe_device+0x126/0x140
[<000000007813deaf>] device_add+0x810/0x1130
[<000000007becb867>] i2c_new_client_device+0x386/0x540
[<000000007f9cf4b4>] of_i2c_register_device+0xf1/0x110
[<00000000ebfdd032>] of_i2c_notify+0xfc/0x1f0
ov5675_init_controls() won't clean all the allocated resources in fail
path, which may causes the memleaks. Add v4l2_ctrl_handler_free() to
prevent memleak.
Severity ?
No CVSS data available.
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Linux | Linux |
Affected:
bf27502b1f3bf8095bf81736e506d354a2ce9ec4 , < 086a80b842bcb621d6c4eedad20683f1f674d0c2
(git)
Affected: bf27502b1f3bf8095bf81736e506d354a2ce9ec4 , < bcae9115a163198dce9126aa8bedc1c007ec30ed (git) Affected: bf27502b1f3bf8095bf81736e506d354a2ce9ec4 , < ba54908ae8225d58f1830edb394d4153bcb7d0aa (git) Affected: bf27502b1f3bf8095bf81736e506d354a2ce9ec4 , < 49b849824b9862f177fc77fc92ef95ec54566ecf (git) Affected: bf27502b1f3bf8095bf81736e506d354a2ce9ec4 , < 7a36a6be694df87d019663863b922913947b42af (git) Affected: bf27502b1f3bf8095bf81736e506d354a2ce9ec4 , < dd74ed6c213003533e3abf4c204374ef01d86978 (git) |
||
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/media/i2c/ov5675.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "086a80b842bcb621d6c4eedad20683f1f674d0c2",
"status": "affected",
"version": "bf27502b1f3bf8095bf81736e506d354a2ce9ec4",
"versionType": "git"
},
{
"lessThan": "bcae9115a163198dce9126aa8bedc1c007ec30ed",
"status": "affected",
"version": "bf27502b1f3bf8095bf81736e506d354a2ce9ec4",
"versionType": "git"
},
{
"lessThan": "ba54908ae8225d58f1830edb394d4153bcb7d0aa",
"status": "affected",
"version": "bf27502b1f3bf8095bf81736e506d354a2ce9ec4",
"versionType": "git"
},
{
"lessThan": "49b849824b9862f177fc77fc92ef95ec54566ecf",
"status": "affected",
"version": "bf27502b1f3bf8095bf81736e506d354a2ce9ec4",
"versionType": "git"
},
{
"lessThan": "7a36a6be694df87d019663863b922913947b42af",
"status": "affected",
"version": "bf27502b1f3bf8095bf81736e506d354a2ce9ec4",
"versionType": "git"
},
{
"lessThan": "dd74ed6c213003533e3abf4c204374ef01d86978",
"status": "affected",
"version": "bf27502b1f3bf8095bf81736e506d354a2ce9ec4",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/media/i2c/ov5675.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.4"
},
{
"lessThan": "5.4",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.235",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.173",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.99",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.16",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.2.*",
"status": "unaffected",
"version": "6.2.3",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.3",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.4.235",
"versionStartIncluding": "5.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.173",
"versionStartIncluding": "5.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.99",
"versionStartIncluding": "5.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.16",
"versionStartIncluding": "5.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.2.3",
"versionStartIncluding": "5.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.3",
"versionStartIncluding": "5.4",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: ov5675: Fix memleak in ov5675_init_controls()\n\nThere is a kmemleak when testing the media/i2c/ov5675.c with bpf mock\ndevice:\n\nAssertionError: unreferenced object 0xffff888107362160 (size 16):\n comm \"python3\", pid 277, jiffies 4294832798 (age 20.722s)\n hex dump (first 16 bytes):\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace:\n [\u003c00000000abe7d67c\u003e] __kmalloc_node+0x44/0x1b0\n [\u003c000000008a725aac\u003e] kvmalloc_node+0x34/0x180\n [\u003c000000009a53cd11\u003e] v4l2_ctrl_handler_init_class+0x11d/0x180\n[videodev]\n [\u003c0000000055b46db0\u003e] ov5675_probe+0x38b/0x897 [ov5675]\n [\u003c00000000153d886c\u003e] i2c_device_probe+0x28d/0x680\n [\u003c000000004afb7e8f\u003e] really_probe+0x17c/0x3f0\n [\u003c00000000ff2f18e4\u003e] __driver_probe_device+0xe3/0x170\n [\u003c000000000a001029\u003e] driver_probe_device+0x49/0x120\n [\u003c00000000e39743c7\u003e] __device_attach_driver+0xf7/0x150\n [\u003c00000000d32fd070\u003e] bus_for_each_drv+0x114/0x180\n [\u003c000000009083ac41\u003e] __device_attach+0x1e5/0x2d0\n [\u003c0000000015b4a830\u003e] bus_probe_device+0x126/0x140\n [\u003c000000007813deaf\u003e] device_add+0x810/0x1130\n [\u003c000000007becb867\u003e] i2c_new_client_device+0x386/0x540\n [\u003c000000007f9cf4b4\u003e] of_i2c_register_device+0xf1/0x110\n [\u003c00000000ebfdd032\u003e] of_i2c_notify+0xfc/0x1f0\n\nov5675_init_controls() won\u0027t clean all the allocated resources in fail\npath, which may causes the memleaks. Add v4l2_ctrl_handler_free() to\nprevent memleak."
}
],
"providerMetadata": {
"dateUpdated": "2025-12-30T12:11:07.336Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/086a80b842bcb621d6c4eedad20683f1f674d0c2"
},
{
"url": "https://git.kernel.org/stable/c/bcae9115a163198dce9126aa8bedc1c007ec30ed"
},
{
"url": "https://git.kernel.org/stable/c/ba54908ae8225d58f1830edb394d4153bcb7d0aa"
},
{
"url": "https://git.kernel.org/stable/c/49b849824b9862f177fc77fc92ef95ec54566ecf"
},
{
"url": "https://git.kernel.org/stable/c/7a36a6be694df87d019663863b922913947b42af"
},
{
"url": "https://git.kernel.org/stable/c/dd74ed6c213003533e3abf4c204374ef01d86978"
}
],
"title": "media: ov5675: Fix memleak in ov5675_init_controls()",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2023-54208",
"datePublished": "2025-12-30T12:11:07.336Z",
"dateReserved": "2025-12-30T12:06:44.500Z",
"dateUpdated": "2025-12-30T12:11:07.336Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2023-54208\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2025-12-30T13:16:08.977\",\"lastModified\":\"2025-12-31T20:43:05.160\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nmedia: ov5675: Fix memleak in ov5675_init_controls()\\n\\nThere is a kmemleak when testing the media/i2c/ov5675.c with bpf mock\\ndevice:\\n\\nAssertionError: unreferenced object 0xffff888107362160 (size 16):\\n comm \\\"python3\\\", pid 277, jiffies 4294832798 (age 20.722s)\\n hex dump (first 16 bytes):\\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\\n backtrace:\\n [\u003c00000000abe7d67c\u003e] __kmalloc_node+0x44/0x1b0\\n [\u003c000000008a725aac\u003e] kvmalloc_node+0x34/0x180\\n [\u003c000000009a53cd11\u003e] v4l2_ctrl_handler_init_class+0x11d/0x180\\n[videodev]\\n [\u003c0000000055b46db0\u003e] ov5675_probe+0x38b/0x897 [ov5675]\\n [\u003c00000000153d886c\u003e] i2c_device_probe+0x28d/0x680\\n [\u003c000000004afb7e8f\u003e] really_probe+0x17c/0x3f0\\n [\u003c00000000ff2f18e4\u003e] __driver_probe_device+0xe3/0x170\\n [\u003c000000000a001029\u003e] driver_probe_device+0x49/0x120\\n [\u003c00000000e39743c7\u003e] __device_attach_driver+0xf7/0x150\\n [\u003c00000000d32fd070\u003e] bus_for_each_drv+0x114/0x180\\n [\u003c000000009083ac41\u003e] __device_attach+0x1e5/0x2d0\\n [\u003c0000000015b4a830\u003e] bus_probe_device+0x126/0x140\\n [\u003c000000007813deaf\u003e] device_add+0x810/0x1130\\n [\u003c000000007becb867\u003e] i2c_new_client_device+0x386/0x540\\n [\u003c000000007f9cf4b4\u003e] of_i2c_register_device+0xf1/0x110\\n [\u003c00000000ebfdd032\u003e] of_i2c_notify+0xfc/0x1f0\\n\\nov5675_init_controls() won\u0027t clean all the allocated resources in fail\\npath, which may causes the memleaks. Add v4l2_ctrl_handler_free() to\\nprevent memleak.\"}],\"metrics\":{},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/086a80b842bcb621d6c4eedad20683f1f674d0c2\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/49b849824b9862f177fc77fc92ef95ec54566ecf\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/7a36a6be694df87d019663863b922913947b42af\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/ba54908ae8225d58f1830edb394d4153bcb7d0aa\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/bcae9115a163198dce9126aa8bedc1c007ec30ed\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/dd74ed6c213003533e3abf4c204374ef01d86978\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}]}}"
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…