DEBIAN-CVE-2023-53637

In the Linux kernel, the following vulnerability has been resolved: media: i2c: ov772x: Fix memleak in ov772xprobe() A memory leak was reported when testing ov772x with bpf mock device: AssertionError: unreferenced object 0xffff888109afa7a8 (size 8): comm "python3", pid 279, jiffies 4294805921 (age 20.681s) hex dump (first 8 bytes): 80 22 88 15 81 88 ff ff ."...... backtrace: [<000000009990b438>] _kmallocnode+0x44/0x1b0 [<000000009e32f7d7>] kvmallocnode+0x34/0x180 [<00000000faf48134>] v4l2ctrlhandlerinitclass+0x11d/0x180 [videodev] [<00000000da376937>] ov772xprobe+0x1c3/0x68c [ov772x] [<000000003f0d225e>] i2cdeviceprobe+0x28d/0x680 [<00000000e0b6db89>] reallyprobe+0x17c/0x3f0 [<000000001b19fcee>] _driverprobedevice+0xe3/0x170 [<0000000048370519>] driverprobedevice+0x49/0x120 [<000000005ead07a0>] _deviceattachdriver+0xf7/0x150 [<0000000043f452b8>] busforeachdrv+0x114/0x180 [<00000000358e5596>] _deviceattach+0x1e5/0x2d0 [<0000000043f83c5d>] busprobedevice+0x126/0x140 [<00000000ee0f3046>] deviceadd+0x810/0x1130 [<00000000e0278184>] i2cnewclientdevice+0x359/0x4f0 [<0000000070baf34f>] ofi2cregisterdevice+0xf1/0x110 [<00000000a9f2159d>] ofi2cnotify+0x100/0x160 unreferenced object 0xffff888119825c00 (size 256): comm "python3", pid 279, jiffies 4294805921 (age 20.681s) hex dump (first 32 bytes): 00 b4 a5 17 81 88 ff ff 00 5e 82 19 81 88 ff ff .........^...... 10 5c 82 19 81 88 ff ff 10 5c 82 19 81 88 ff ff .............. backtrace: [<000000009990b438>] _kmallocnode+0x44/0x1b0 [<000000009e32f7d7>] kvmallocnode+0x34/0x180 [<0000000073d88e0b>] v4l2ctrlnew.cold+0x19b/0x86f [videodev] [<00000000b1f576fb>] v4l2ctrlnewstd+0x16f/0x210 [videodev] [<00000000caf7ac99>] ov772xprobe+0x1fa/0x68c [ov772x] [<000000003f0d225e>] i2cdeviceprobe+0x28d/0x680 [<00000000e0b6db89>] reallyprobe+0x17c/0x3f0 [<000000001b19fcee>] _driverprobedevice+0xe3/0x170 [<0000000048370519>] driverprobedevice+0x49/0x120 [<000000005ead07a0>] _deviceattachdriver+0xf7/0x150 [<0000000043f452b8>] busforeachdrv+0x114/0x180 [<00000000358e5596>] _deviceattach+0x1e5/0x2d0 [<0000000043f83c5d>] busprobedevice+0x126/0x140 [<00000000ee0f3046>] deviceadd+0x810/0x1130 [<00000000e0278184>] i2cnewclientdevice+0x359/0x4f0 [<0000000070baf34f>] ofi2cregisterdevice+0xf1/0x110 The reason is that if priv->hdl.error is set, ov772xprobe() jumps to the errormutexdestroy without doing v4l2ctrlhandlerfree(), and all resources allocated in v4l2ctrlhandlerinit() and v4l2ctrlnewstd() are leaked.