SB20250916285 - Information disclosure in Linux kernel clk imx driver
Published: September 16, 2025 Updated: September 22, 2025
Security Bulletin ID
SB20250916285
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Information disclosure
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Information disclosure (CVE-ID: CVE-2023-53264)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the imxrt1050_clocks_probe() function in drivers/clk/imx/clk-imxrt1050.c. A local user can gain access to sensitive information.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/02e54db221bb001b32f839e0149ee8d890ab9aa1
- https://git.kernel.org/stable/c/0fbdfd2542252e4c02e8158a06b7c0c9cfd40f99
- https://git.kernel.org/stable/c/1839032251a66f2ae5a043c495532830a55d28c4
- https://git.kernel.org/stable/c/1b280598ab3bd8a2dc8b96a12530d5b1ee7a8f4a
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.39
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.3.13
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.4.4
- https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.5