Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2020-36778

Опубликовано: 28 фев. 2024
Источник: redhat
CVSS3: 4.4
EPSS Низкий

Описание

In the Linux kernel, the following vulnerability has been resolved: i2c: xiic: fix reference leak when pm_runtime_get_sync fails The PM reference count is not expected to be incremented on return in xiic_xfer and xiic_i2c_remove. However, pm_runtime_get_sync will increment the PM reference count even failed. Forgetting to putting operation will result in a reference leak here. Replace it with pm_runtime_resume_and_get to keep usage counter balanced.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6kernelOut of support scope
Red Hat Enterprise Linux 7kernelOut of support scope
Red Hat Enterprise Linux 7kernel-rtOut of support scope
Red Hat Enterprise Linux 8kernelNot affected
Red Hat Enterprise Linux 8kernel-rtNot affected
Red Hat Enterprise Linux 9kernelNot affected
Red Hat Enterprise Linux 9kernel-rtNot affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-402
https://bugzilla.redhat.com/show_bug.cgi?id=2266940kernel: i2c: xiic: fix reference leak when pm_runtime_get_sync fails

EPSS

Процентиль: 4%
0.00018
Низкий

4.4 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2020-36778

CVSS3: 5.5
ubuntu
почти 2 года назад

In the Linux kernel, the following vulnerability has been resolved: i2c: xiic: fix reference leak when pm_runtime_get_sync fails The PM reference count is not expected to be incremented on return in xiic_xfer and xiic_i2c_remove. However, pm_runtime_get_sync will increment the PM reference count even failed. Forgetting to putting operation will result in a reference leak here. Replace it with pm_runtime_resume_and_get to keep usage counter balanced.

nvd логотип

CVE-2020-36778

CVSS3: 5.5
nvd
почти 2 года назад

In the Linux kernel, the following vulnerability has been resolved: i2c: xiic: fix reference leak when pm_runtime_get_sync fails The PM reference count is not expected to be incremented on return in xiic_xfer and xiic_i2c_remove. However, pm_runtime_get_sync will increment the PM reference count even failed. Forgetting to putting operation will result in a reference leak here. Replace it with pm_runtime_resume_and_get to keep usage counter balanced.

debian логотип

CVE-2020-36778

CVSS3: 5.5
debian
почти 2 года назад

In the Linux kernel, the following vulnerability has been resolved: i ...

github логотип

GHSA-f66f-jmx2-2jjm

CVSS3: 5.5
github
почти 2 года назад

In the Linux kernel, the following vulnerability has been resolved: i2c: xiic: fix reference leak when pm_runtime_get_sync fails The PM reference count is not expected to be incremented on return in xiic_xfer and xiic_i2c_remove. However, pm_runtime_get_sync will increment the PM reference count even failed. Forgetting to putting operation will result in a reference leak here. Replace it with pm_runtime_resume_and_get to keep usage counter balanced.

fstec логотип

BDU:2025-02858

CVSS3: 5.5
fstec
почти 5 лет назад

Уязвимость функции xiic_xfer() модуля drivers/i2c/busses/i2c-xiic.c ядра операционной системы Linux, позволяющая нарушителю получить доступ к защищаемой информации.

EPSS

Процентиль: 4%
0.00018
Низкий

4.4 Medium

CVSS3