CVE-2023-53202

When calling debugfslookup() the result must have dput() called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremove() instead which handles all of the logic at once.

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

718072ceb211833f3c71724f49d733d636067191

Fixed

dddc132eb0dca3969f9146ef8feac0aa542aa305

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

718072ceb211833f3c71724f49d733d636067191

Fixed

cde67cb7d2d1757baa83271c1f0892727e79f52e

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

718072ceb211833f3c71724f49d733d636067191

Fixed

543d7113c37206ed7dae7bfb0b7e50955077770e

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

718072ceb211833f3c71724f49d733d636067191

Fixed

0b6200e1e9f53dabdc30d0f6c51af9a5f664d32b

Affected versions

v5.*

v5.10

v5.10-rc6

v5.10-rc7

v5.11

v5.11-rc1

v5.11-rc2

v5.11-rc3

v5.11-rc4

v5.11-rc5

v5.11-rc6

v5.11-rc7

v5.12

v5.12-rc1

v5.12-rc1-dontuse

v5.12-rc2

v5.12-rc3

v5.12-rc4

v5.12-rc5

v5.12-rc6

v5.12-rc7

v5.12-rc8

v5.13

v5.13-rc1

v5.13-rc2

v5.13-rc3

v5.13-rc4

v5.13-rc5

v5.13-rc6

v5.13-rc7

v5.14

v5.14-rc1

v5.14-rc2

v5.14-rc3

v5.14-rc4

v5.14-rc5

v5.14-rc6

v5.14-rc7

v5.15

v5.15-rc1

v5.15-rc2

v5.15-rc3

v5.15-rc4

v5.15-rc5

v5.15-rc6

v5.15-rc7

v5.15.1

v5.15.10

v5.15.11

v5.15.12

v5.15.13

v5.15.14

v5.15.15

v5.15.16

v5.15.17

v5.15.18

v5.15.19

v5.15.2

v5.15.20

v5.15.21

v5.15.22

v5.15.23

v5.15.24

v5.15.25

v5.15.26

v5.15.27

v5.15.28

v5.15.29

v5.15.3

v5.15.30

v5.15.31

v5.15.32

v5.15.33

v5.15.34

v5.15.35

v5.15.36

v5.15.37

v5.15.38

v5.15.39

v5.15.4

v5.15.40

v5.15.41

v5.15.42

v5.15.43

v5.15.44

v5.15.45

v5.15.46

v5.15.47

v5.15.48

v5.15.49

v5.15.5

v5.15.50

v5.15.51

v5.15.52

v5.15.53

v5.15.54

v5.15.55

v5.15.56

v5.15.57

v5.15.58

v5.15.59

v5.15.6

v5.15.60

v5.15.61

v5.15.62

v5.15.63

v5.15.64

v5.15.65

v5.15.66

v5.15.67

v5.15.68

v5.15.69

v5.15.7

v5.15.70

v5.15.71

v5.15.72

v5.15.73

v5.15.74

v5.15.75

v5.15.76

v5.15.77

v5.15.78

v5.15.79

v5.15.8

v5.15.80

v5.15.81

v5.15.82

v5.15.83

v5.15.84

v5.15.85

v5.15.86

v5.15.87

v5.15.88

v5.15.89

v5.15.9

v5.15.90

v5.15.91

v5.15.92

v5.15.93

v5.15.94

v5.15.95

v5.15.96

v5.15.97

v5.15.98

v5.16

v5.16-rc1

v5.16-rc2

v5.16-rc3

v5.16-rc4

v5.16-rc5

v5.16-rc6

v5.16-rc7

v5.16-rc8

v5.17

v5.17-rc1

v5.17-rc2

v5.17-rc3

v5.17-rc4

v5.17-rc5

v5.17-rc6

v5.17-rc7

v5.17-rc8

v5.18

v5.18-rc1

v5.18-rc2

v5.18-rc3

v5.18-rc4

v5.18-rc5

v5.18-rc6

v5.18-rc7

v5.19

v5.19-rc1

v5.19-rc2

v5.19-rc3

v5.19-rc4

v5.19-rc5

v5.19-rc6

v5.19-rc7

v5.19-rc8

v6.*

v6.0

v6.0-rc1

v6.0-rc2

v6.0-rc3

v6.0-rc4

v6.0-rc5

v6.0-rc6

v6.0-rc7

v6.1

v6.1-rc1

v6.1-rc2

v6.1-rc3

v6.1-rc4

v6.1-rc5

v6.1-rc6

v6.1-rc7

v6.1-rc8

v6.1.1

v6.1.10

v6.1.11

v6.1.12

v6.1.13

v6.1.14

v6.1.15

v6.1.2

v6.1.3

v6.1.4

v6.1.5

v6.1.6

v6.1.7

v6.1.8

v6.1.9

v6.2

v6.2-rc1

v6.2-rc2

v6.2-rc3

v6.2-rc4

v6.2-rc5

v6.2-rc6

v6.2-rc7

v6.2-rc8

v6.2.1

v6.2.2

Database specific

vanir_signatures

[
    {
        "deprecated": false,
        "signature_version": "v1",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "147837291948587243081862143761101928783",
                "29471998374121787507886237311151175673",
                "151383630033575554515841309462082337053",
                "192959417591896863833792215475143018382",
                "235497615656033845489334144076399332592",
                "314083191589831381475818521217459684679",
                "105841583299788469592730289633774504382",
                "225551939278110115869965608687589589945"
            ]
        },
        "target": {
            "file": "drivers/base/power/domain.c"
        },
        "id": "CVE-2023-53202-1ef4a7be",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@dddc132eb0dca3969f9146ef8feac0aa542aa305",
        "signature_type": "Line"
    },
    {
        "deprecated": false,
        "signature_version": "v1",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "147837291948587243081862143761101928783",
                "29471998374121787507886237311151175673",
                "151383630033575554515841309462082337053",
                "192959417591896863833792215475143018382",
                "235497615656033845489334144076399332592",
                "314083191589831381475818521217459684679",
                "105841583299788469592730289633774504382",
                "225551939278110115869965608687589589945"
            ]
        },
        "target": {
            "file": "drivers/base/power/domain.c"
        },
        "id": "CVE-2023-53202-1f8b26a2",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@543d7113c37206ed7dae7bfb0b7e50955077770e",
        "signature_type": "Line"
    },
    {
        "deprecated": false,
        "signature_version": "v1",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "147837291948587243081862143761101928783",
                "29471998374121787507886237311151175673",
                "151383630033575554515841309462082337053",
                "192959417591896863833792215475143018382",
                "235497615656033845489334144076399332592",
                "314083191589831381475818521217459684679",
                "105841583299788469592730289633774504382",
                "225551939278110115869965608687589589945"
            ]
        },
        "target": {
            "file": "drivers/base/power/domain.c"
        },
        "id": "CVE-2023-53202-228939c3",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@0b6200e1e9f53dabdc30d0f6c51af9a5f664d32b",
        "signature_type": "Line"
    },
    {
        "deprecated": false,
        "signature_version": "v1",
        "digest": {
            "function_hash": "64778232810430981000405469972097403429",
            "length": 167.0
        },
        "target": {
            "function": "genpd_debug_remove",
            "file": "drivers/base/power/domain.c"
        },
        "id": "CVE-2023-53202-3c3a4b00",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@0b6200e1e9f53dabdc30d0f6c51af9a5f664d32b",
        "signature_type": "Function"
    },
    {
        "deprecated": false,
        "signature_version": "v1",
        "digest": {
            "function_hash": "64778232810430981000405469972097403429",
            "length": 167.0
        },
        "target": {
            "function": "genpd_debug_remove",
            "file": "drivers/base/power/domain.c"
        },
        "id": "CVE-2023-53202-6e4da90e",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@cde67cb7d2d1757baa83271c1f0892727e79f52e",
        "signature_type": "Function"
    },
    {
        "deprecated": false,
        "signature_version": "v1",
        "digest": {
            "function_hash": "64778232810430981000405469972097403429",
            "length": 167.0
        },
        "target": {
            "function": "genpd_debug_remove",
            "file": "drivers/base/power/domain.c"
        },
        "id": "CVE-2023-53202-7353b928",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@543d7113c37206ed7dae7bfb0b7e50955077770e",
        "signature_type": "Function"
    },
    {
        "deprecated": false,
        "signature_version": "v1",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "147837291948587243081862143761101928783",
                "29471998374121787507886237311151175673",
                "151383630033575554515841309462082337053",
                "192959417591896863833792215475143018382",
                "235497615656033845489334144076399332592",
                "314083191589831381475818521217459684679",
                "105841583299788469592730289633774504382",
                "225551939278110115869965608687589589945"
            ]
        },
        "target": {
            "file": "drivers/base/power/domain.c"
        },
        "id": "CVE-2023-53202-7f990eed",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@cde67cb7d2d1757baa83271c1f0892727e79f52e",
        "signature_type": "Line"
    },
    {
        "deprecated": false,
        "signature_version": "v1",
        "digest": {
            "function_hash": "64778232810430981000405469972097403429",
            "length": 167.0
        },
        "target": {
            "function": "genpd_debug_remove",
            "file": "drivers/base/power/domain.c"
        },
        "id": "CVE-2023-53202-c91cef18",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@dddc132eb0dca3969f9146ef8feac0aa542aa305",
        "signature_type": "Function"
    }
]

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

5.11.0

Fixed

5.15.99

Type: ECOSYSTEM
Events: Introduced

5.16.0

Fixed

6.1.16

Type: ECOSYSTEM
Events: Introduced

6.2.0

Fixed

6.2.3