{"id":"CVE-2023-52670","summary":"rpmsg: virtio: Free driver_override when rpmsg_remove()","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nrpmsg: virtio: Free driver_override when rpmsg_remove()\n\nFree driver_override when rpmsg_remove(), otherwise\nthe following memory leak will occur:\n\nunreferenced object 0xffff0000d55d7080 (size 128):\n  comm \"kworker/u8:2\", pid 56, jiffies 4294893188 (age 214.272s)\n  hex dump (first 32 bytes):\n    72 70 6d 73 67 5f 6e 73 00 00 00 00 00 00 00 00  rpmsg_ns........\n    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................\n  backtrace:\n    [\u003c000000009c94c9c1\u003e] __kmem_cache_alloc_node+0x1f8/0x320\n    [\u003c000000002300d89b\u003e] __kmalloc_node_track_caller+0x44/0x70\n    [\u003c00000000228a60c3\u003e] kstrndup+0x4c/0x90\n    [\u003c0000000077158695\u003e] driver_set_override+0xd0/0x164\n    [\u003c000000003e9c4ea5\u003e] rpmsg_register_device_override+0x98/0x170\n    [\u003c000000001c0c89a8\u003e] rpmsg_ns_register_device+0x24/0x30\n    [\u003c000000008bbf8fa2\u003e] rpmsg_probe+0x2e0/0x3ec\n    [\u003c00000000e65a68df\u003e] virtio_dev_probe+0x1c0/0x280\n    [\u003c00000000443331cc\u003e] really_probe+0xbc/0x2dc\n    [\u003c00000000391064b1\u003e] __driver_probe_device+0x78/0xe0\n    [\u003c00000000a41c9a5b\u003e] driver_probe_device+0xd8/0x160\n    [\u003c000000009c3bd5df\u003e] __device_attach_driver+0xb8/0x140\n    [\u003c0000000043cd7614\u003e] bus_for_each_drv+0x7c/0xd4\n    [\u003c000000003b929a36\u003e] __device_attach+0x9c/0x19c\n    [\u003c00000000a94e0ba8\u003e] device_initial_probe+0x14/0x20\n    [\u003c000000003c999637\u003e] bus_probe_device+0xa0/0xac","modified":"2026-04-02T09:43:12.075667Z","published":"2024-05-17T14:02:01.617Z","related":["SUSE-SU-2024:2135-1","SUSE-SU-2024:2203-1","SUSE-SU-2024:2372-1","SUSE-SU-2024:2385-1","SUSE-SU-2024:2394-1","SUSE-SU-2024:2495-1","SUSE-SU-2024:2939-1","SUSE-SU-2024:2973-1","SUSE-SU-2025:20008-1","SUSE-SU-2025:20028-1","SUSE-SU-2025:20166-1","SUSE-SU-2025:20249-1","USN-6818-2","USN-6819-2"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/52xxx/CVE-2023-52670.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/229ce47cbfdc7d3a9415eb676abbfb77d676cb08"},{"type":"WEB","url":"https://git.kernel.org/stable/c/2d27a7b19cb354c6d04bcdc9239e261ff29858d6"},{"type":"WEB","url":"https://git.kernel.org/stable/c/4e6cef3fae5c164968118a13f3fe293700adc81a"},{"type":"WEB","url":"https://git.kernel.org/stable/c/69ca89d80f2c8a1f5af429b955637beea7eead30"},{"type":"WEB","url":"https://git.kernel.org/stable/c/9a416d624e5fb7246ea97c11fbfea7e0e27abf43"},{"type":"WEB","url":"https://git.kernel.org/stable/c/d5362c37e1f8a40096452fc201c30e705750e687"},{"type":"WEB","url":"https://git.kernel.org/stable/c/dd50fe18c234bd5ff22f658f4d414e8fa8cd6a5d"},{"type":"WEB","url":"https://git.kernel.org/stable/c/f4bb1d5daf77b1a95a43277268adf0d1430c2346"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/52xxx/CVE-2023-52670.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-52670"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"b0b03b8119633de0649da9bd506e4850c401ff2b"},{"fixed":"229ce47cbfdc7d3a9415eb676abbfb77d676cb08"},{"fixed":"dd50fe18c234bd5ff22f658f4d414e8fa8cd6a5d"},{"fixed":"69ca89d80f2c8a1f5af429b955637beea7eead30"},{"fixed":"2d27a7b19cb354c6d04bcdc9239e261ff29858d6"},{"fixed":"f4bb1d5daf77b1a95a43277268adf0d1430c2346"},{"fixed":"4e6cef3fae5c164968118a13f3fe293700adc81a"},{"fixed":"9a416d624e5fb7246ea97c11fbfea7e0e27abf43"},{"fixed":"d5362c37e1f8a40096452fc201c30e705750e687"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-52670.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}