Volerion logoVolerion
Volerion logoVolerion

Linux Kernel IMX93 Clock Driver Memory Leak Vulnerability

Vulnerability

A memory leak vulnerability has been identified in the Linux kernel's IMX93 clock driver. When an error occurs during the 'probe()' function, the driver fails to unregister hardware clocks, leading to a memory leak. This issue affects the Linux kernel stable tree.

Impact

The vulnerability causes a memory leak, which can lead to increased memory usage and potential exhaustion of system resources over time.

Reproduction

The vulnerability can be reproduced by loading the IMX93 clock driver and inducing an error during the 'probe()' function. This will cause the function to return prematurely without properly unregistering the hardware clocks, leading to a memory leak.

Remediation

The vulnerability has been addressed by modifying the 'probe()' function to include a 'goto unregister_hws;' statement when an error occurs. This change ensures that the hardware clocks are properly unregistered, preventing the memory leak.

Added: Dec 30, 2025, 3:33 PM
Updated: Dec 30, 2025, 3:33 PM

Vulnerability Rating

Custom Algorithm
spread
9.0
impact
0.6
exploitability
4.3
remediation
7.7
relevance
1.8
threat
4.8
urgency
2.9
incentive
1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.