CVE-2023-53636

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> clk: microchip: fix potential UAF in auxdev release callback<br /> <br /> Similar to commit 1c11289b34ab ("peci: cpu: Fix use-after-free in<br /> adev_release()"), the auxiliary device is not torn down in the correct<br /> order. If auxiliary_device_add() fails, the release callback will be<br /> called twice, resulting in a UAF. Due to timing, the auxdev code in this<br /> driver "took inspiration" from the aforementioned commit, and thus its<br /> bugs too!<br /> <br /> Moving auxiliary_device_uninit() to the unregister callback instead<br /> avoids the issue.