CVE-2023-53704

CVE-2023-53704 is a vulnerability in the Linux kernel's i.MX8MP clock driver (clk-imx8mp.c) that was addressed by improving error handling within the imx8mp_clocks_probe() function. The root cause involved the use of of_iomap() and kzalloc() for memory allocation, which required manual cleanup and could lead to memory leaks if probe failed or the driver was removed. Additionally, the function did not check the return code of of_clk_add_hw_provider(), potentially allowing a partially initialized clock provider to remain registered.

Exploitation

Exploitation of this issue requires the ability to trigger a failure in the probe function of the i.MX8MP clock driver, which typically occurs during system boot or module loading. An attacker with local access and sufficient privileges could potentially cause the probe to fail by manipulating device tree entries or triggering resource exhaustion. No authentication is needed to trigger the vulnerable code path during normal operation, as the clock driver is initialized during kernel startup.

Impact

If exploited, the memory leak resulting from unreleased of_iomap() or kzalloc() allocations could gradually deplete system memory, leading to denial-of-service (DoS) conditions. More critically, if of_clk_add_hw_provider() fails, the system might have a partially registered clock provider without proper cleanup, causing undefined behavior in other drivers that depend on those clocks. This could lead to system instability or crashes.

Mitigation

The fix migrated to devm-managed versions (devm_of_iomap() and devm_kzalloc()), which automatically release resources when the device is removed or the driver unloads [1][2][3]. The patch also added a check for the return value of of_clk_add_hw_provider(), ensuring that if it fails, the registered hardware clocks are properly unregistered and an error is logged. This fix has been included in stable kernel updates. Users should apply the latest kernel updates from their distribution to address this vulnerability.