CVE-2023-53830

Summary

In the Linux kernel, the following vulnerability has been resolved:

platform/x86: think-lmi: Fix memory leak when showing current settings

When retriving a item string with tlmi_setting(), the result has to be freed using kfree(). In current_value_show() however, malformed item strings are not freed, causing a memory leak. Fix this by eliminating the early return responsible for this.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux0fdf10e5fc964c315cf131a2eaab9cc531a9f40f < b9396d991abe8d1ac31a043274ab20b49f92c2e6affected
LinuxLinux0fdf10e5fc964c315cf131a2eaab9cc531a9f40f < 9071525bfcb1f5674117dbed3eca0cd7b122813baffected
LinuxLinux0fdf10e5fc964c315cf131a2eaab9cc531a9f40f < 5f99014c19fa50a5719c0bb78143282632675893affected
LinuxLinux0fdf10e5fc964c315cf131a2eaab9cc531a9f40f < a3c4c053014585dcf20f4df954791b74d8a8afcdaffected
LinuxLinux5.14affected
LinuxLinux0 < 5.14unaffected
LinuxLinux5.15.107 <= 5.15.*unaffected
LinuxLinux6.1.24 <= 6.1.*unaffected
LinuxLinux6.2.11 <= 6.2.*unaffected
LinuxLinux6.3 <= *unaffected

Weaknesses

References