CVE-2023-53830

medium

Description

In the Linux kernel, the following vulnerability has been resolved: platform/x86: think-lmi: Fix memory leak when showing current settings When retriving a item string with tlmi_setting(), the result has to be freed using kfree(). In current_value_show() however, malformed item strings are not freed, causing a memory leak. Fix this by eliminating the early return responsible for this.

References

https://git.kernel.org/stable/c/b9396d991abe8d1ac31a043274ab20b49f92c2e6

https://git.kernel.org/stable/c/a3c4c053014585dcf20f4df954791b74d8a8afcd

https://git.kernel.org/stable/c/9071525bfcb1f5674117dbed3eca0cd7b122813b

https://git.kernel.org/stable/c/5f99014c19fa50a5719c0bb78143282632675893

Details

Source: Mitre, NVD

Published: 2025-12-09

Updated: 2025-12-09

Risk Information

CVSS v2

Base Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Severity: High

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Severity: Medium

EPSS

EPSS: 0.00018