fkie_cve-2023-53298
Vulnerability from fkie_nvd
Published
2025-09-16 08:15
Modified
2025-09-16 12:49
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved:
nfc: fix memory leak of se_io context in nfc_genl_se_io
The callback context for sending/receiving APDUs to/from the selected
secure element is allocated inside nfc_genl_se_io and supposed to be
eventually freed in se_io_cb callback function. However, there are several
error paths where the bwi_timer is not charged to call se_io_cb later, and
the cb_context is leaked.
The patch proposes to free the cb_context explicitly on those error paths.
At the moment we can't simply check 'dev->ops->se_io()' return value as it
may be negative in both cases: when the timer was charged and was not.
References
Impacted products
| Vendor | Product | Version |
|---|
{
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfc: fix memory leak of se_io context in nfc_genl_se_io\n\nThe callback context for sending/receiving APDUs to/from the selected\nsecure element is allocated inside nfc_genl_se_io and supposed to be\neventually freed in se_io_cb callback function. However, there are several\nerror paths where the bwi_timer is not charged to call se_io_cb later, and\nthe cb_context is leaked.\n\nThe patch proposes to free the cb_context explicitly on those error paths.\n\nAt the moment we can\u0027t simply check \u0027dev-\u003eops-\u003ese_io()\u0027 return value as it\nmay be negative in both cases: when the timer was charged and was not."
}
],
"id": "CVE-2023-53298",
"lastModified": "2025-09-16T12:49:16.060",
"metrics": {},
"published": "2025-09-16T08:15:39.167",
"references": [
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/25ff6f8a5a3b8dc48e8abda6f013e8cc4b14ffea"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/271eed1736426103335c5aac50f15b0f4d236bc0"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/5321da6d84b87a34eea441677d649c34bd854169"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/8978315cb4bf8878c9c8ec05dafd8f7ff539860d"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/af452e35b9e6a87cd49e54a7a3d60d934b194651"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/b2036a252381949d3b743a3de069324ae3028a57"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/ba98db08895748c12e5ded52cd1598dce2c79e55"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/c494365432dcdc549986f4d9af9eb6190cbdb153"
}
],
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"vulnStatus": "Awaiting Analysis"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…