In the Linux kernel, the following vulnerability has been resolved:
platform/x86: think-lmi: Fix reference leak If a duplicate attribute is
found using kset_find_obj(), a reference to that attribute is returned
which needs to be disposed accordingly using kobject_put(). Move the
setting name validation into a separate function to allow for this change
without having to duplicate the cleanup code for this setting. As a side
note, a very similar bug was fixed in commit 7295a996fdab (“platform/x86:
dell-sysman: Fix reference leak”), so it seems that the bug was copied from
that driver. Compile-tested only.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 22.04 | noarch | linux | < 5.15.0-94.104 | UNKNOWN |
ubuntu | 23.10 | noarch | linux | < 6.5.0-17.17 | UNKNOWN |
ubuntu | 22.04 | noarch | linux-aws | < 5.15.0-1053.58 | UNKNOWN |
ubuntu | 23.10 | noarch | linux-aws | < 6.5.0-1013.13 | UNKNOWN |
ubuntu | 20.04 | noarch | linux-aws-5.15 | < 5.15.0-1053.58~20.04.1 | UNKNOWN |
ubuntu | 22.04 | noarch | linux-aws-6.5 | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux-azure | < 5.15.0-1056.64 | UNKNOWN |
ubuntu | 20.04 | noarch | linux-azure-5.15 | < 5.15.0-1056.64~20.04.1 | UNKNOWN |
ubuntu | 22.04 | noarch | linux-azure-6.5 | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux-azure-fde | < 5.15.0-1056.64.1 | UNKNOWN |