VDB
CVE-2020-36778
CVE-2020-36778
PUBLISHED
In the Linux kernel, the following vulnerability has been resolved: i2c: xiic: fix reference leak when pm_runtime_get_sync fails The PM reference count is not expected to be incremented on return in xiic_xfer and xiic_i2c_remove. However, pm_runtime_get_sync will increment the PM reference count even failed. Forgetting to putting operation will result in a reference leak here. Replace it with pm_runtime_resume_and_get to keep usage counter balanced.
EPSS 0.02% · 4.9th percentile
Risk Scores
EPSS Score
0.02%
4.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:20.04:LTS | linux-azure-fde | *, *, * |
| Ubuntu:18.04:LTS | linux-aws-5.0 | 5.0.0-1025.28, *, 0 |
| Ubuntu:18.04:LTS | linux-hwe | 4.18.0-16.17~18.04.1, 4.18.0-15.16~18.04.1, 4.18.0-13.14~18.04.1 |
| Ubuntu:18.04:LTS | linux-oracle-5.3 | 5.3.0-1018.20~18.04.1, 5.3.0-1016.18~18.04.1, 5.3.0-1011.12~18.04.1 |
| Ubuntu:22.04:LTS | linux-lowlatency-hwe-5.19 | 5.19.0-1030.30, 5.19.0-1022.23~22.04.1, 5.19.0-1027.28~22.04.1 |
| Ubuntu:16.04:LTS | linux-hwe-edge | 4.13.0-19.22~16.04.1, 4.13.0-17.20~16.04.1, 4.11.0-14.20~16.04.1 |
| Ubuntu:20.04:LTS | linux-hwe-5.8 | 0, *, * |
| Ubuntu:22.04:LTS | linux-allwinner-5.19 | 5.19.0-1013.13~22.04.1, *, * |
| Ubuntu:20.04:LTS | linux-gcp-5.13 | 5.13.0-1033.40~20.04.1, 5.13.0-1030.36~20.04.1, 5.13.0-1027.32~20.04.1 |
| Ubuntu:18.04:LTS | linux-hwe-edge | 5.3.0-23.25~18.04.2, *, * |
| Ubuntu:20.04:LTS | linux-gke-5.15 | 5.15.0-1028.33~20.04.1, 5.15.0-1023.28~20.04.2, 5.15.0-1014.17~20.04.1 |
| Ubuntu:20.04:LTS | linux-oem-5.14 | 5.14.0-1011.11, 0, 5.14.0-1004.4 |
| Ubuntu:22.04:LTS | linux-gcp-5.19 | 5.19.0-1021.23~22.04.1, 5.19.0-1022.24~22.04.1, 5.19.0-1024.26~22.04.1 |
| Ubuntu:22.04:LTS | linux-gcp-6.2 | *, 6.2.0-1011.11~22.04.1, 6.2.0-1013.13~22.04.1 |
| Ubuntu:20.04:LTS | linux-riscv | 5.4.0-37.42, 5.4.0-34.38, 5.4.0-33.37 |
| Ubuntu:20.04:LTS | linux-oracle-5.11 | *, 0, * |
| Ubuntu:20.04:LTS | linux-oem-5.10 | 5.10.0-1025.26, 0, 5.10.0-1008.9 |
| Ubuntu:18.04:LTS | linux-gcp | 5.0.0-1025.26~18.04.1, 4.15.0-1017.18, 4.15.0-1015.15 |
| Ubuntu:22.04:LTS | linux-riscv-5.19 | 0, 5.19.0-1016.17~22.04.1, 5.19.0-1017.18~22.04.1 |
| Ubuntu:20.04:LTS | linux-gcp-5.8 | 5.8.0-1039.41, *, 0 |
…and 44 more
Timeline
- Feb 28, 2024 CVE Published
- Feb 29, 2024 EPSS Score
- Mar 27, 2024 EPSS Score
- Apr 22, 2024 EPSS Score
- May 19, 2024 EPSS Score
- Jun 14, 2024 EPSS Score
- Jul 11, 2024 EPSS Score
- Aug 7, 2024 EPSS Score
- Sep 2, 2024 EPSS Score
- Sep 29, 2024 EPSS Score
- Oct 25, 2024 EPSS Score
- Nov 21, 2024 EPSS Score
References
- https://ubuntu.com/security/CVE-2020-36778 third-party-advisory
- https://git.kernel.org/linus/a85c5c7a3aa8041777ff691400b4046e56149fd3 third-party-advisory
- https://git.kernel.org/stable/c/c977426db644ba476938125597947979e8aba725 third-party-advisory
- https://git.kernel.org/stable/c/e2ba996577eaea423694dc69ae43d56f1410a22b third-party-advisory
- https://git.kernel.org/stable/c/a42ac16e6573f19c78f556ea292f5b534fcc4514 third-party-advisory
- https://git.kernel.org/stable/c/a85c5c7a3aa8041777ff691400b4046e56149fd3 third-party-advisory
- https://www.cve.org/CVERecord?id=CVE-2020-36778 third-party-advisory