CVE-2023-52937

Summary: CVE-2023-52937 affects the Linux kernel’s hv_balloon path. The vulnerability arises from a memory leak when using debugfs_lookup(): the result must be released with dput(), but this handling is not performed in the hv_balloon code. The available connected sources state the fix is to call...

CVE-2023-52937 HV: hv_balloon: fix memory leak with using debugfs_lookup()

In the Linux kernel, the following vulnerability has been resolved: HV: hvballoon: fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremove instead...

kernel: HV: hv_balloon: fix memory leak with using debugfs_lookup()

In the Linux kernel, the following vulnerability has been resolved: HV: hvballoon: fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremove instead...

GSD-2023-1001862 HV: hv_balloon: fix memory leak with using debugfs_lookup()

HV: hvballoon: fix memory leak with using debugfslookup This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.1.11 by commit...

kernel security, bug fix, and enhancement update

2.6.32-573 - security selinux: dont waste ebitmap space when importing NetLabel categories Paul Moore 1130197 - x86 Revert Add driver auto probing for x86 features v4 Prarit Bhargava 1231280 - net bridge: netfilter: dont call iptables on vlan packets if sysctl is off Florian Westphal 1236551 - ne...