CVE-2023-54228

The RAA215300 regulator driver in the Linux kernel contained a resource leak in its error path. The functions clk_register_fixed_rate() and clk_register_clkdev() allocate memory (the latter via vclkdev_alloc()) that is not freed if an error occurs. This leaves allocated clock structures and clockdev lookup entries dangling, wasting kernel memory. [1]

This bug would be triggered only if the driver probe fails after these registration calls, which is a relatively rare instantiation sequence. An attacker would require the ability to trigger a device probe failure on a system using this RTC/regulator device (e.g., via driver binding or module loading errors), but the platform privilege required is low (no special authentication needed if device-side, as the driver operates in kernel space). [1]

The impact is a memory leak, leading to kernel memory exhaustion over repeated probe-failure cycles. Systems repeatedly inserting/ejecting or unbinding/binding this device could gradually deplete system memory, contributing to denial-of-service. No data confidentiality or integrity is affected directly. [1]

The fix replaces the manual non-devm clock registration functions with devm_clk_hw_register_fixed_rate() and devm_clk_hw_register_clkdev(), ensuring automatic cleanup on driver detachment or probe failure. The static clock variable is removed, simplifying the code. This update has been merged into the stable kernel tree. [1]