Volerion logoVolerion
Volerion logoVolerion

Linux Kernel Reference Leak Vulnerability in Dell Systems Management Driver

Vulnerability

A reference leak vulnerability has been identified in the Linux kernel's support for the Systems Management Driver over WMI for Dell Systems. The issue arises in the 'dell-wmi-sysman' component, where duplicate attributes can be found using 'kset_find_obj()'. When a duplicate is detected, a reference to that attribute is returned, creating a need to properly dispose of it to prevent memory leaks. The vulnerability affects several versions of the Linux kernel.

Impact

The vulnerability leads to a reference leak, which can cause memory management issues such as increased memory usage or potential memory corruption.

Reproduction

The vulnerability can be reproduced by loading the Dell Systems Management Driver over WMI on a vulnerable version of the Linux kernel. When the driver encounters duplicate attributes, it fails to properly release the references, leading to a memory leak.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been addressed.

Added: Oct 7, 2025, 5:49 PM
Updated: Oct 7, 2025, 5:49 PM

Vulnerability Rating

Custom Algorithm
spread
9.0
impact
0.6
exploitability
4.3
remediation
7.7
relevance
0.6
threat
4.8
urgency
2.9
incentive
1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.