Home

Description

In the Linux kernel, the following vulnerability has been resolved: thermal: of: fix double-free on unregistration Since commit 3d439b1a2ad3 ("thermal/core: Alloc-copy-free the thermal zone parameters structure"), thermal_zone_device_register() allocates a copy of the tzp argument and frees it when unregistering, so thermal_of_zone_register() now ends up leaking its original tzp and double-freeing the tzp copy. Fix this by locating tzp on stack instead.

PUBLISHED Reserved 2025-12-24 | Published 2025-12-24 | Updated 2025-12-24 | Assigner Linux

Product status

Default status
unaffected

3d439b1a2ad36c8b4ea151c8de25309d60d17407 (git) before adce49089412a9ae28f5c666e0bb12fbcd86b3f7
affected

3d439b1a2ad36c8b4ea151c8de25309d60d17407 (git) before ac4436a5b20e0ef1f608a9ef46c08d5d142f8da6
affected

Default status
affected

6.4
affected

Any version before 6.4
unaffected

6.4.8 (semver)
unaffected

6.5 (original_commit_for_fix)
unaffected

References

git.kernel.org/...c/adce49089412a9ae28f5c666e0bb12fbcd86b3f7

git.kernel.org/...c/ac4436a5b20e0ef1f608a9ef46c08d5d142f8da6

cve.org (CVE-2023-53997)

nvd.nist.gov (CVE-2023-53997)

Download JSON

Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.