Instituto Nacional de ciberseguridad. Sección Incibe
Instituto Nacional de Ciberseguridad. Sección INCIBE-CERT

017 - Ir a la línea de ayuda en Ciberseguridad    Ir a Agenda     Ir a Sala de prensa     Ir a suscripción de boletines

Ir al buscador

CVE-2023-53700

Gravedad:
Pendiente de análisis
Tipo:
No Disponible / Otro tipo
Fecha de publicación:
22/10/2025
Última modificación:
22/10/2025

Descripción

*** Pendiente de traducción *** In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> media: max9286: Fix memleak in max9286_v4l2_register()<br /> <br /> There is a kmemleak when testing the media/i2c/max9286.c with bpf mock<br /> device:<br /> <br /> kmemleak: 5 new suspected memory leaks (see /sys/kernel/debug/kmemleak)<br /> <br /> unreferenced object 0xffff88810defc400 (size 256):<br /> comm "python3", pid 278, jiffies 4294737563 (age 31.978s)<br /> hex dump (first 32 bytes):<br /> 28 06 a7 0a 81 88 ff ff 00 fe 22 12 81 88 ff ff (.........".....<br /> 10 c4 ef 0d 81 88 ff ff 10 c4 ef 0d 81 88 ff ff ................<br /> backtrace:<br /> [] __kmalloc_node+0x44/0x1b0<br /> [] kvmalloc_node+0x34/0x180<br /> [] v4l2_ctrl_new+0x325/0x10f0 [videodev]<br /> [] v4l2_ctrl_new_std+0x16f/0x210 [videodev]<br /> [] max9286_probe+0x76e/0xbff [max9286]<br /> [] i2c_device_probe+0x28d/0x680<br /> [] really_probe+0x17c/0x3f0<br /> [] __driver_probe_device+0xe3/0x170<br /> [] driver_probe_device+0x49/0x120<br /> [] __device_attach_driver+0xf7/0x150<br /> [] bus_for_each_drv+0x114/0x180<br /> [] __device_attach+0x1e5/0x2d0<br /> [] bus_probe_device+0x126/0x140<br /> [] device_add+0x810/0x1130<br /> [] i2c_new_client_device+0x359/0x4f0<br /> [] of_i2c_register_device+0xf1/0x110<br /> <br /> max9286_v4l2_register() calls v4l2_ctrl_new_std(), but won&amp;#39;t free the<br /> created v412_ctrl when fwnode_graph_get_endpoint_by_id() failed, which<br /> causes the memleak. Call v4l2_ctrl_handler_free() to free the v412_ctrl.

Impacto

Referencias a soluciones, herramientas e información