Wind River Support Network


LIN1021-7334 : Security Advisory - linux - CVE-2023-52457

Created: Feb 25, 2024    Updated: May 16, 2024
Resolved Date: May 16, 2024
Found In Version:
Fix Version:
Severity: Standard
Applicable for: Wind River Linux LTS 21
Component/s: Kernel


In the Linux kernel, the following vulnerability has been resolved:

serial: 8250: omap: Don't skip resource freeing if pm_runtime_resume_and_get() failed

Returning an error code from .remove() makes the driver core emit the
little helpful error message:

	remove callback returned a non-zero value. This will be ignored.

and then remove the device anyhow. So all resources that were not freed
are leaked in this case. Skipping serial8250_unregister_port() has the
potential to keep enough of the UART around to trigger a use-after-free.

So replace the error return (and with it the little helpful error
message) by a more useful error message and continue to cleanup.

CREATE(Triage):(User=admin) CVE-2023-52457 (


Live chat