ghsa-jg3v-4f9w-62x2
Vulnerability from github
Published
2025-09-16 15:32
Modified
2025-09-16 15:32
Details

In the Linux kernel, the following vulnerability has been resolved:

nfc: fix memory leak of se_io context in nfc_genl_se_io

The callback context for sending/receiving APDUs to/from the selected secure element is allocated inside nfc_genl_se_io and supposed to be eventually freed in se_io_cb callback function. However, there are several error paths where the bwi_timer is not charged to call se_io_cb later, and the cb_context is leaked.

The patch proposes to free the cb_context explicitly on those error paths.

At the moment we can't simply check 'dev->ops->se_io()' return value as it may be negative in both cases: when the timer was charged and was not.

Show details on source website

To clipboard 

{
  "affected": [],
  "aliases": [
    "CVE-2023-53298"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-09-16T08:15:39Z",
    "severity": null
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfc: fix memory leak of se_io context in nfc_genl_se_io\n\nThe callback context for sending/receiving APDUs to/from the selected\nsecure element is allocated inside nfc_genl_se_io and supposed to be\neventually freed in se_io_cb callback function. However, there are several\nerror paths where the bwi_timer is not charged to call se_io_cb later, and\nthe cb_context is leaked.\n\nThe patch proposes to free the cb_context explicitly on those error paths.\n\nAt the moment we can\u0027t simply check \u0027dev-\u003eops-\u003ese_io()\u0027 return value as it\nmay be negative in both cases: when the timer was charged and was not.",
  "id": "GHSA-jg3v-4f9w-62x2",
  "modified": "2025-09-16T15:32:33Z",
  "published": "2025-09-16T15:32:33Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53298"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/25ff6f8a5a3b8dc48e8abda6f013e8cc4b14ffea"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/271eed1736426103335c5aac50f15b0f4d236bc0"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/5321da6d84b87a34eea441677d649c34bd854169"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/8978315cb4bf8878c9c8ec05dafd8f7ff539860d"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/af452e35b9e6a87cd49e54a7a3d60d934b194651"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/b2036a252381949d3b743a3de069324ae3028a57"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/ba98db08895748c12e5ded52cd1598dce2c79e55"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/c494365432dcdc549986f4d9af9eb6190cbdb153"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.