CVE-2023-52694

low-risk
Published 2024-05-17

In the Linux kernel, the following vulnerability has been resolved: drm/bridge: tpd12s015: Drop buggy __exit annotation for remove function With tpd12s015_remove() marked with __exit this function is discarded when the driver is compiled as a built-in. The result is that when the driver unbinds there is no cleanup done which results in resource leakage or worse.

Do I need to act?

-
0.03% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
5
CVSS 5.5/10 Medium
LOCAL / LOW complexity

Affected Products (2)

Affected Vendors

Debian Linux

References (13)

Patch https://git.kernel.org/stable/c/08ccff6ece35f08e8107e975903c370d849089e5
Patch https://git.kernel.org/stable/c/53926e2a39629702f7f809d614b3ca89c2478205
Patch https://git.kernel.org/stable/c/81f1bd85960b7a089a91e679ff7cd2524390bbf1
Patch https://git.kernel.org/stable/c/a8657406e12aa10412134622c58977ac657f16d2
Patch https://git.kernel.org/stable/c/ce3e112e7ae854249d8755906acc5f27e1542114
Patch https://git.kernel.org/stable/c/e00ec5901954d85b39b5f10f94e60ab9af463eb1
Patch https://git.kernel.org/stable/c/08ccff6ece35f08e8107e975903c370d849089e5
Patch https://git.kernel.org/stable/c/53926e2a39629702f7f809d614b3ca89c2478205
Patch https://git.kernel.org/stable/c/81f1bd85960b7a089a91e679ff7cd2524390bbf1
Patch https://git.kernel.org/stable/c/a8657406e12aa10412134622c58977ac657f16d2
Patch https://git.kernel.org/stable/c/ce3e112e7ae854249d8755906acc5f27e1542114
Patch https://git.kernel.org/stable/c/e00ec5901954d85b39b5f10f94e60ab9af463eb1
Mailing List https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html
25
/ 100
low-risk
Severity 18/34 · Moderate
Exploitability 0/34 · Minimal
Exposure 7/34 · Low