CVE-2023-52520
EPSS
0.04 % (16th)
Advisories
11
In the Linux kernel, the following vulnerability has been resolved:
platform/x86: think-lmi: Fix reference leak
If a duplicate attribute is found using kset_find_obj(), a reference
to that attribute is returned which needs to be disposed accordingly
using kobject_put(). Move the setting name validation into a separate
function to allow for this change without having to duplicate the
cleanup code for this setting.
As a side note, a very similar bug was fixed in
commit 7295a996fdab ("platform/x86: dell-sysman: Fix reference leak"),
so it seems that the bug was copied from that driver.
Compile-tested only.
- CVE Status
- PUBLISHED
- CNA
- kernel.org
- Published Date
-
2024-03-02 22:15:48
(6 months ago) - Updated Date
-
2024-03-04 13:58:23
(6 months ago)
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...