CVE-2023-53724

Vulnerability

In the Linux kernel's pcf50633 ADC driver, the function pcf50633_adc_async_read() allocates a request structure (req) but fails to free it if adc_enqueue_request() returns an error. This oversight leads to a memory leak because the allocated memory is not released on the failure path [1].

Exploitation

An attacker with local access to the system can trigger this leak by repeatedly invoking ADC read operations that cause adc_enqueue_request() to fail. The failure could be induced by resource exhaustion or by exploiting race conditions in the driver's queue management. No special privileges beyond the ability to interact with the ADC device are required.

Impact

Each failed request leaks a small amount of kernel memory. Over time, repeated exploitation can exhaust kernel memory, leading to system instability or denial of service. The vulnerability does not directly allow code execution or privilege escalation.

Mitigation

The fix involves checking the return value of adc_enqueue_request() and freeing the allocated req if the enqueue fails. Patches have been applied to the stable kernel trees [1][2]. Users should update to the latest stable kernel version that includes the fix.