CVE-2023-54208
- Source
- https://cve.org/CVERecord?id=CVE-2023-54208
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-54208.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2023-54208
- Downstream
- Related
- Published
- 2025-12-30T12:11:07.336Z
- Modified
- 2026-04-02T09:45:40.739610Z
- Summary
- media: ov5675: Fix memleak in ov5675_init_controls()
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
media: ov5675: Fix memleak in ov5675initcontrols()
There is a kmemleak when testing the media/i2c/ov5675.c with bpf mock device:
AssertionError: unreferenced object 0xffff888107362160 (size 16): comm "python3", pid 277, jiffies 4294832798 (age 20.722s) hex dump (first 16 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [<00000000abe7d67c>] __kmallocnode+0x44/0x1b0 [<000000008a725aac>] kvmallocnode+0x34/0x180 [<000000009a53cd11>] v4l2ctrlhandlerinitclass+0x11d/0x180 [videodev] [<0000000055b46db0>] ov5675probe+0x38b/0x897 [ov5675] [<00000000153d886c>] i2cdeviceprobe+0x28d/0x680 [<000000004afb7e8f>] reallyprobe+0x17c/0x3f0 [<00000000ff2f18e4>] __driverprobedevice+0xe3/0x170 [<000000000a001029>] driverprobedevice+0x49/0x120 [<00000000e39743c7>] __deviceattachdriver+0xf7/0x150 [<00000000d32fd070>] bus_foreachdrv+0x114/0x180 [<000000009083ac41>] __deviceattach+0x1e5/0x2d0 [<0000000015b4a830>] busprobedevice+0x126/0x140 [<000000007813deaf>] deviceadd+0x810/0x1130 [<000000007becb867>] i2cnewclientdevice+0x386/0x540 [<000000007f9cf4b4>] ofi2cregisterdevice+0xf1/0x110 [<00000000ebfdd032>] ofi2cnotify+0xfc/0x1f0
ov5675initcontrols() won't clean all the allocated resources in fail path, which may causes the memleaks. Add v4l2ctrlhandler_free() to prevent memleak.
- Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/54xxx/CVE-2023-54208.json", "cna_assigner": "Linux" }- References
-
- https://git.kernel.org/stable/c/086a80b842bcb621d6c4eedad20683f1f674d0c2
- https://git.kernel.org/stable/c/49b849824b9862f177fc77fc92ef95ec54566ecf
- https://git.kernel.org/stable/c/7a36a6be694df87d019663863b922913947b42af
- https://git.kernel.org/stable/c/ba54908ae8225d58f1830edb394d4153bcb7d0aa
- https://git.kernel.org/stable/c/bcae9115a163198dce9126aa8bedc1c007ec30ed
- https://git.kernel.org/stable/c/dd74ed6c213003533e3abf4c204374ef01d86978
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/54xxx/CVE-2023-54208.json
- https://nvd.nist.gov/vuln/detail/CVE-2023-54208
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedbf27502b1f3bf8095bf81736e506d354a2ce9ec4Fixed086a80b842bcb621d6c4eedad20683f1f674d0c2Fixedbcae9115a163198dce9126aa8bedc1c007ec30edFixedba54908ae8225d58f1830edb394d4153bcb7d0aaFixed49b849824b9862f177fc77fc92ef95ec54566ecfFixed7a36a6be694df87d019663863b922913947b42afFixeddd74ed6c213003533e3abf4c204374ef01d86978