Bug 2426201 (CVE-2023-54319) - CVE-2023-54319 kernel: pinctrl: at91-pio4: check return value of devm_kasprintf()
Summary: CVE-2023-54319 kernel: pinctrl: at91-pio4: check return value of devm_kasprin...
Keywords:
Status: NEW
Alias: CVE-2023-54319
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
unspecified
unspecified
Target Milestone: ---
Assignee: Product Security DevOps Team
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2025-12-30 13:16 UTC by OSIDB Bzimport
Modified: 2026-06-29 20:22 UTC (History)
2 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:


Attachments (Terms of Use)

Description OSIDB Bzimport 2025-12-30 13:16:05 UTC
In the Linux kernel, the following vulnerability has been resolved:

pinctrl: at91-pio4: check return value of devm_kasprintf()

devm_kasprintf() returns a pointer to dynamically allocated memory.
Pointer could be NULL in case allocation fails. Check pointer validity.
Identified with coccinelle (kmerr.cocci script).

Depends-on: 1c4e5c470a56 ("pinctrl: at91: use devm_kasprintf() to avoid potential leaks")
Depends-on: 5a8f9cf269e8 ("pinctrl: at91-pio4: use proper format specifier for unsigned int")


Note You need to log in before you can comment on or make changes to this bug.