In the Linux kernel, the following vulnerability has been resolved: platform/x86: think-lmi: Fix reference leak If a duplicate attribute is found using kset_find_obj(), a reference to that attribute is returned which needs to be disposed accordingly using kobject_put(). Move the setting name validation into a separate function to allow for this change without having to duplicate the cleanup code for this setting. As a side note, a very similar bug was fixed in commit 7295a996fdab ("platform/x86: dell-sysman: Fix reference leak"), so it seems that the bug was copied from that driver. Compile-tested only.
History

Wed, 11 Dec 2024 15:45:00 +0000

Type Values Removed Values Added
First Time appeared Linux
Linux linux Kernel
Weaknesses NVD-CWE-Other
CPEs cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.6:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.6:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.6:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.6:rc4:*:*:*:*:*:*
Vendors & Products Linux
Linux linux Kernel

Wed, 13 Nov 2024 02:45:00 +0000

Type Values Removed Values Added
CPEs cpe:/a:redhat:enterprise_linux:9
cpe:/o:redhat:enterprise_linux:9

cve-icon MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2024-03-02T21:52:28.434Z

Updated: 2024-12-19T08:21:23.346Z

Reserved: 2024-02-20T12:30:33.317Z

Link: CVE-2023-52520

cve-icon Vulnrichment

Updated: 2024-08-02T23:03:20.769Z

cve-icon NVD

Status : Analyzed

Published: 2024-03-02T22:15:48.080

Modified: 2024-12-11T15:16:55.293

Link: CVE-2023-52520

cve-icon Redhat

Severity : Low

Publid Date: 2024-03-02T00:00:00Z

Links: CVE-2023-52520 - Bugzilla