PT-2024-10832 · Linux+1 · Linux Kernel+1

Published

2021-04-14

Updated

2024-12-06

CVE-2020-36784

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A reference leak occurs in the Linux kernel when pm runtime get sync fails. The PM reference count is not expected to be incremented on return in functions cdns i2c master xfer and cdns reg slave. However, pm runtime get sync will increment the pm usage counter even if it fails. Forgetting to put the operation will result in a reference leak. This issue can be resolved by replacing pm runtime get sync with pm runtime resume and get to keep the usage counter balanced.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-402

Related Identifiers

BDU:2025-02861

CVE-2020-36784

OESA-2024-1392

OESA-2024-1393

OPENSUSE-SU-2024_0857-1

SUSE-SU-2024:0856-1

SUSE-SU-2024:0857-1

SUSE-SU-2024:0925-1

SUSE-SU-2024:0926-1

SUSE-SU-2024:0975-1

SUSE-SU-2024:0976-1

Affected Products

Linux Kernel

Suse

PT-2024-10832 · Linux+1 · Linux Kernel+1

CVE-2020-36784

Weakness Enumeration

Related Identifiers

Affected Products

References · 238