CVE-2020-36784

low

Description

In the Linux kernel, the following vulnerability has been resolved: i2c: cadence: fix reference leak when pm_runtime_get_sync fails The PM reference count is not expected to be incremented on return in functions cdns_i2c_master_xfer and cdns_reg_slave. However, pm_runtime_get_sync will increment pm usage counter even failed. Forgetting to putting operation will result in a reference leak here. Replace it with pm_runtime_resume_and_get to keep usage counter balanced.

References

https://git.kernel.org/stable/c/d57ff04e0ed6f3be1682ae861ead33f879225e07

https://git.kernel.org/stable/c/a45fc41beed8e0fe31864619c34aa00797fb60c1

https://git.kernel.org/stable/c/30410519328c94367e561fd878e5f0d3a0303585

https://git.kernel.org/stable/c/23ceb8462dc6f4b4decdb5536a7e5fc477cdf0b6

Details

Source: Mitre, NVD

Published: 2024-02-28

Updated: 2024-02-28

Risk Information

CVSS v2

Base Score: 1.7

Vector: CVSS2#AV:L/AC:L/Au:S/C:P/I:N/A:N

Severity: Low

CVSS v3

Base Score: 3.3

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Severity: Low