CVE-2020-36784

i2c: cadence: fix reference leak when pm_runtime_get_sync fails

Severity Score

"-"

*CVSS v-

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved:

i2c: cadence: fix reference leak when pm_runtime_get_sync fails

The PM reference count is not expected to be incremented on
return in functions cdns_i2c_master_xfer and cdns_reg_slave.

However, pm_runtime_get_sync will increment pm usage counter
even failed. Forgetting to putting operation will result in a
reference leak here.

Replace it with pm_runtime_resume_and_get to keep usage
counter balanced.

En el kernel de Linux, se resolvió la siguiente vulnerabilidad: i2c: cadencia: corrige la fuga de referencia cuando falla pm_runtime_get_sync No se espera que el recuento de referencias de PM aumente al regresar en las funciones cdns_i2c_master_xfer y cdns_reg_slave. Sin embargo, pm_runtime_get_sync incrementará el contador de uso de pm incluso si falla. Olvidarse de poner en funcionamiento resultará en una fuga de referencia aquí. Reemplácelo con pm_runtime_resume_and_get para mantener el contador de uso equilibrado.

*Credits: N/A

CVSS Scores

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-02-26 CVE Reserved
2024-02-28 CVE Published
2024-12-17 EPSS Updated
2024-12-19 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (5)

URL	Tag	Source
https://git.kernel.org/stable/c/7fa32329ca03148fb2c07b4ef3247b8fc0488d6a	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/30410519328c94367e561fd878e5f0d3a0303585	2021-05-14
https://git.kernel.org/stable/c/d57ff04e0ed6f3be1682ae861ead33f879225e07	2021-05-14
https://git.kernel.org/stable/c/a45fc41beed8e0fe31864619c34aa00797fb60c1	2021-05-14
https://git.kernel.org/stable/c/23ceb8462dc6f4b4decdb5536a7e5fc477cdf0b6	2021-04-14

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.5 < 5.10.37 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.5 < 5.10.37"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.5 < 5.11.21 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.5 < 5.11.21"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.5 < 5.12.4 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.5 < 5.12.4"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.5 < 5.13 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.5 < 5.13"		en		Affected