In the Linux kernel, the following vulnerability has been resolved:
platform/x86: think-lmi: Fix reference leak
If a duplicate attribute is found using kset_find_obj(), a reference
to that attribute is returned which needs to be disposed accordingly
using kobject_put(). Move the setting name validation into a separate
function to allow for this change without having to duplicate the
cleanup code for this setting.
As a side note, a very similar bug was fixed in
commit 7295a996fdab ("platform/x86: dell-sysman: Fix reference leak"),
so it seems that the bug was copied from that driver.
Compile-tested only.
Metrics
Affected Vendors & Products
References
History
Wed, 11 Dec 2024 15:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Linux
Linux linux Kernel |
|
Weaknesses | NVD-CWE-Other | |
CPEs | cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.6:rc1:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.6:rc2:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.6:rc3:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:6.6:rc4:*:*:*:*:*:* |
|
Vendors & Products |
Linux
Linux linux Kernel |
Wed, 13 Nov 2024 02:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:/a:redhat:enterprise_linux:9 cpe:/o:redhat:enterprise_linux:9 |
MITRE
Status: PUBLISHED
Assigner: Linux
Published: 2024-03-02T21:52:28.434Z
Updated: 2024-12-19T08:21:23.346Z
Reserved: 2024-02-20T12:30:33.317Z
Link: CVE-2023-52520
Vulnrichment
Updated: 2024-08-02T23:03:20.769Z
NVD
Status : Analyzed
Published: 2024-03-02T22:15:48.080
Modified: 2024-12-11T15:16:55.293
Link: CVE-2023-52520
Redhat