CVE-2023-54115

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> pcmcia: rsrc_nonstatic: Fix memory leak in nonstatic_release_resource_db()<br /> <br /> When nonstatic_release_resource_db() frees all resources associated<br /> with an PCMCIA socket, it forgets to free socket_data too, causing<br /> a memory leak observable with kmemleak:<br /> <br /> unreferenced object 0xc28d1000 (size 64):<br /> comm "systemd-udevd", pid 297, jiffies 4294898478 (age 194.484s)<br /> hex dump (first 32 bytes):<br /> 00 00 00 00 00 00 00 00 f0 85 0e c3 00 00 00 00 ................<br /> 00 00 00 00 0c 10 8d c2 00 00 00 00 00 00 00 00 ................<br /> backtrace:<br /> [] __kmem_cache_alloc_node+0x2d7/0x4a0<br /> [] kmalloc_trace+0x31/0xa4<br /> [] nonstatic_init+0x24/0x1a4 [pcmcia_rsrc]<br /> [] pcmcia_register_socket+0x200/0x35c [pcmcia_core]<br /> [] yenta_probe+0x4d8/0xa70 [yenta_socket]<br /> [] pci_device_probe+0x99/0x194<br /> [] really_probe+0x181/0x45c<br /> [] __driver_probe_device+0x75/0x1f4<br /> [] driver_probe_device+0x28/0xac<br /> [] __driver_attach+0xeb/0x1e4<br /> [] bus_for_each_dev+0x61/0xb4<br /> [] driver_attach+0x1e/0x28<br /> [] bus_add_driver+0x102/0x20c<br /> [] driver_register+0x5b/0x120<br /> [] __pci_register_driver+0x44/0x4c<br /> [] __UNIQUE_ID___addressable_cleanup_module188+0x1c/0xfffff000 [iTCO_vendor_support]<br /> <br /> Fix this by freeing socket_data too.<br /> <br /> Tested on a Acer Travelmate 4002WLMi by manually binding/unbinding<br /> the yenta_cardbus driver (yenta_socket).