CVE-2023-53830

In the Linux kernel, the following vulnerability has been resolved:

platform/x86: think-lmi: Fix memory leak when showing current settings

When retriving a item string with tlmi_setting(), the result has to be
freed using kfree(). In current_value_show() however, malformed
item strings are not freed, causing a memory leak.
Fix this by eliminating the early return responsible for this.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
UNKNOWN
---
LinuxCNA
---
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Debian logo
Debian Releases
Debian Product
Codename
linux
bullseye
5.10.223-1
not-affected
bullseye (security)
5.10.244-1
fixed
bookworm
6.1.148-1
fixed
bookworm (security)
6.1.158-1
fixed
trixie
6.12.57-1
fixed
trixie (security)
6.12.48-1
fixed
forky
6.17.9-1
fixed
sid
6.17.11-1
fixed
References
https://git.kernel.org/stable/c/5f99014c19fa50a5719c0bb78143282632675893
https://git.kernel.org/stable/c/9071525bfcb1f5674117dbed3eca0cd7b122813b
https://git.kernel.org/stable/c/a3c4c053014585dcf20f4df954791b74d8a8afcd
https://git.kernel.org/stable/c/b9396d991abe8d1ac31a043274ab20b49f92c2e6