Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve416baaa9-dc9f-4396-8d5f-8c081fb06d67CVE-2023-52520
HistoryMar 02, 2024 - 10:15 p.m.

CVE-2023-52520

2024-03-0222:15:48
416baaa9-dc9f-4396-8d5f-8c081fb06d67
web.nvd.nist.gov
44
cve-2023-52520
linux kernel
platform/x86
think-lmi
reference leak
security vulnerability

6.5 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

15.7%

JSON

In the Linux kernel, the following vulnerability has been resolved:

platform/x86: think-lmi: Fix reference leak

If a duplicate attribute is found using kset_find_obj(), a reference
to that attribute is returned which needs to be disposed accordingly
using kobject_put(). Move the setting name validation into a separate
function to allow for this change without having to duplicate the
cleanup code for this setting.
As a side note, a very similar bug was fixed in
commit 7295a996fdab (“platform/x86: dell-sysman: Fix reference leak”),
so it seems that the bug was copied from that driver.

Compile-tested only.

Affected configurations

Vulners
Node
linuxlinux_kernelRange5.145.15.136
OR
linuxlinux_kernelRange5.16.06.1.59
OR
linuxlinux_kernelRange6.2.06.5.8
OR
linuxlinux_kernelRange6.6.0
VendorProductVersionCPE
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

CNA Affected

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "drivers/platform/x86/think-lmi.c"
    ],
    "versions": [
      {
        "version": "1bcad8e510b2",
        "lessThan": "124cf0ea4b82",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "1bcad8e510b2",
        "lessThan": "af21c9119a37",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "1bcad8e510b2",
        "lessThan": "c6e3023579de",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "1bcad8e510b2",
        "lessThan": "528ab3e605ca",
        "status": "affected",
        "versionType": "git"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "affected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "drivers/platform/x86/think-lmi.c"
    ],
    "versions": [
      {
        "version": "5.14",
        "status": "affected"
      },
      {
        "version": "0",
        "lessThan": "5.14",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "5.15.136",
        "lessThanOrEqual": "5.15.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "6.1.59",
        "lessThanOrEqual": "6.1.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "6.5.8",
        "lessThanOrEqual": "6.5.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "6.6",
        "lessThanOrEqual": "*",
        "status": "unaffected",
        "versionType": "original_commit_for_fix"
      }
    ]
  }
]

Related

prion 1
vulnrichment 1
ubuntucve 1
redhatcve 1
debiancve 1
cvelist 1
nvd 1
almalinux 2
rocky 2
nessus 12
osv 4
oraclelinux 1
openvas 9
ibm 1
prion
prion
Spoofing
2024-03-02 22:15:00
vulnrichment
vulnrichment
CVE-2023-52520 platform/x86: think-lmi: Fix reference leak
2024-03-02 21:52:28
ubuntucve
ubuntucve
CVE-2023-52520
2024-03-02 00:00:00
redhatcve
redhatcve
CVE-2023-52520
2024-03-04 20:02:37
debiancve
debiancve
CVE-2023-52520
2024-03-02 22:15:48
cvelist
cvelist
CVE-2023-52520 platform/x86: think-lmi: Fix reference leak
2024-03-02 21:52:28
nvd
nvd
CVE-2023-52520
2024-03-02 22:15:48
almalinux
almalinux
Moderate: kernel-rt security and bug fix update
2024-06-05 00:00:00
Moderate: kernel update
2024-06-05 00:00:00
rocky
rocky
kernel update
2024-06-14 13:59:16
kernel-rt security and bug fix update
2024-06-14 13:59:36
nessus
nessus
RHEL 8 : kernel-rt (RHSA-2024:3627)
2024-06-05 00:00:00
AlmaLinux 8 : kernel-rt (ALSA-2024:3627)
2024-06-05 00:00:00
Rocky Linux 8 : kernel-rt (RLSA-2024:3627)
2024-06-14 00:00:00
osv
osv
Moderate: kernel-rt security and bug fix update
2024-06-05 00:00:00
Moderate: kernel-rt security and bug fix update
2024-06-14 13:59:36
Moderate: kernel update
2024-06-05 00:00:00
oraclelinux
oraclelinux
kernel update
2024-06-05 00:00:00
openvas
openvas
openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2024:1320-1)
2024-04-19 00:00:00
openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2024:1321-1)
2024-04-19 00:00:00
openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2024:1332-1)
2024-04-23 00:00:00
ibm
ibm
Security Bulletin: Multiple Vulnerabilities in IBM CloudPak for AIOps
2024-06-26 16:06:34

6.5 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

15.7%

JSON
Related for CVE-2023-52520
prion1vulnrichment1ubuntucve1redhatcve1debiancve1cvelist1nvd1almalinux2rocky2nessus12osv4oraclelinux1openvas9ibm1