CVE-2020-36784

In the Linux kernel, the following vulnerability has been resolved: i2c: cadence: fix reference leak when pm_runtime_get_sync fails The PM reference count is not expected to be incremented on return in functions cdns_i2c_master_xfer and cdns_reg_slave. However, pm_runtime_get_sync will increment pm usage counter even failed. Forgetting to putting operation will result in a reference leak here. Replace it with pm_runtime_resume_and_get to keep usage counter balanced.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/23ceb8462dc6f4b4decdb5536a7e5fc477cdf0b6	Patch
https://git.kernel.org/stable/c/30410519328c94367e561fd878e5f0d3a0303585	Patch
https://git.kernel.org/stable/c/a45fc41beed8e0fe31864619c34aa00797fb60c1	Patch
https://git.kernel.org/stable/c/d57ff04e0ed6f3be1682ae861ead33f879225e07	Patch
https://git.kernel.org/stable/c/23ceb8462dc6f4b4decdb5536a7e5fc477cdf0b6	Patch
https://git.kernel.org/stable/c/30410519328c94367e561fd878e5f0d3a0303585	Patch
https://git.kernel.org/stable/c/a45fc41beed8e0fe31864619c34aa00797fb60c1	Patch
https://git.kernel.org/stable/c/d57ff04e0ed6f3be1682ae861ead33f879225e07	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::

History

06 Dec 2024, 17:37

Type	Values Removed	Values Added
References	~~() https://git.kernel.org/stable/c/23ceb8462dc6f4b4decdb5536a7e5fc477cdf0b6 -~~	() https://git.kernel.org/stable/c/23ceb8462dc6f4b4decdb5536a7e5fc477cdf0b6 - Patch
References	~~() https://git.kernel.org/stable/c/30410519328c94367e561fd878e5f0d3a0303585 -~~	() https://git.kernel.org/stable/c/30410519328c94367e561fd878e5f0d3a0303585 - Patch
References	~~() https://git.kernel.org/stable/c/a45fc41beed8e0fe31864619c34aa00797fb60c1 -~~	() https://git.kernel.org/stable/c/a45fc41beed8e0fe31864619c34aa00797fb60c1 - Patch
References	~~() https://git.kernel.org/stable/c/d57ff04e0ed6f3be1682ae861ead33f879225e07 -~~	() https://git.kernel.org/stable/c/d57ff04e0ed6f3be1682ae861ead33f879225e07 - Patch
CPE		cpe:2.3:o:linux:linux_kernel::::::::
CWE		NVD-CWE-Other
First Time		Linux linux Kernel Linux
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.5

Information

Published : 2024-02-28 09:15

Updated : 2024-12-06 17:37

NVD link : CVE-2020-36784

Mitre link : CVE-2020-36784

CVE.ORG link : CVE-2020-36784

JSON object : View

Products Affected

linux

linux_kernel

CWE

NVD-CWE-Other

5.5 /10