CVE-2020-36782

In the Linux kernel, the following vulnerability has been resolved: i2c: imx-lpi2c: fix reference leak when pm_runtime_get_sync fails The PM reference count is not expected to be incremented on return in lpi2c_imx_master_enable. However, pm_runtime_get_sync will increment the PM reference count even failed. Forgetting to putting operation will result in a reference leak here. Replace it with pm_runtime_resume_and_get to keep usage counter balanced.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/278e5bbdb9a94fa063c0f9bcde2479d0b8042462	Patch
https://git.kernel.org/stable/c/815859cb1d2302e74f11bf6894bceace9ca9eb4a	Patch
https://git.kernel.org/stable/c/b100650d80cd2292f6c152f5f2943b5944b3e8ce	Patch
https://git.kernel.org/stable/c/bb300acc867e937edc2a6898e92b21f88e4e4e66	Patch
https://git.kernel.org/stable/c/cc49d206414240483bb93ffa3d80243e6a776916	Patch
https://git.kernel.org/stable/c/278e5bbdb9a94fa063c0f9bcde2479d0b8042462	Patch
https://git.kernel.org/stable/c/815859cb1d2302e74f11bf6894bceace9ca9eb4a	Patch
https://git.kernel.org/stable/c/b100650d80cd2292f6c152f5f2943b5944b3e8ce	Patch
https://git.kernel.org/stable/c/bb300acc867e937edc2a6898e92b21f88e4e4e66	Patch
https://git.kernel.org/stable/c/cc49d206414240483bb93ffa3d80243e6a776916	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::

History

06 Dec 2024, 18:02

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.5
References	~~() https://git.kernel.org/stable/c/278e5bbdb9a94fa063c0f9bcde2479d0b8042462 -~~	() https://git.kernel.org/stable/c/278e5bbdb9a94fa063c0f9bcde2479d0b8042462 - Patch
References	~~() https://git.kernel.org/stable/c/815859cb1d2302e74f11bf6894bceace9ca9eb4a -~~	() https://git.kernel.org/stable/c/815859cb1d2302e74f11bf6894bceace9ca9eb4a - Patch
References	~~() https://git.kernel.org/stable/c/b100650d80cd2292f6c152f5f2943b5944b3e8ce -~~	() https://git.kernel.org/stable/c/b100650d80cd2292f6c152f5f2943b5944b3e8ce - Patch
References	~~() https://git.kernel.org/stable/c/bb300acc867e937edc2a6898e92b21f88e4e4e66 -~~	() https://git.kernel.org/stable/c/bb300acc867e937edc2a6898e92b21f88e4e4e66 - Patch
References	~~() https://git.kernel.org/stable/c/cc49d206414240483bb93ffa3d80243e6a776916 -~~	() https://git.kernel.org/stable/c/cc49d206414240483bb93ffa3d80243e6a776916 - Patch
CPE		cpe:2.3:o:linux:linux_kernel::::::::
First Time		Linux linux Kernel Linux
CWE		NVD-CWE-Other

Information

Published : 2024-02-28 09:15

Updated : 2024-12-06 18:02

NVD link : CVE-2020-36782

Mitre link : CVE-2020-36782

CVE.ORG link : CVE-2020-36782

JSON object : View

Products Affected

linux

linux_kernel

CWE

NVD-CWE-Other

5.5 /10