VDB
CVE-2020-36779
CVE-2020-36779
PUBLISHED
In the Linux kernel, the following vulnerability has been resolved: i2c: stm32f7: fix reference leak when pm_runtime_get_sync fails The PM reference count is not expected to be incremented on return in these stm32f7_i2c_xx serious functions. However, pm_runtime_get_sync will increment the PM reference count even failed. Forgetting to putting operation will result in a reference leak here. Replace it with pm_runtime_resume_and_get to keep usage counter balanced.
EPSS 0.03% · 10.8th percentile
Risk Scores
EPSS Score
0.03%
10.8th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:20.04:LTS | linux-riscv-5.11 | 5.11.0-1030.34, 5.11.0-1028.31~20.04.1, 5.11.0-1026.28~20.04.1 |
| Ubuntu:20.04:LTS | linux-oem-5.6 | 5.6.0-1032.33, 5.6.0-1052.56, 5.6.0-1053.57 |
| Ubuntu:20.04:LTS | linux-azure-5.13 | *, *, 5.13.0-1031.37~20.04.1 |
| Ubuntu:22.04:LTS | linux-oem-6.0 | 6.0.0-1015.15, 6.0.0-1013.13, 6.0.0-1010.10 |
| Ubuntu:22.04:LTS | linux-hwe-5.19 | 5.19.0-35.36~22.04.1, *, 5.19.0-50.50 |
| Ubuntu:22.04:LTS | linux-riscv-5.19 | 5.19.0-1019.21~22.04.1, 5.19.0-1020.22~22.04.1, * |
| Ubuntu:22.04:LTS | linux-azure-fde-5.19 | 0, 5.19.0-1027.30~22.04.2.1, 5.19.0-1026.29~22.04.1.1 |
| Ubuntu:22.04:LTS | linux-lowlatency-hwe-5.19 | 5.19.0-1024.25~22.04.1, 5.19.0-1023.24~22.04.1, 5.19.0-1022.23~22.04.1 |
| Ubuntu:20.04:LTS | linux-riscv | 5.4.0-39.44, 5.4.0-24.28, 0 |
| Ubuntu:18.04:LTS | linux-azure-5.3 | 5.3.0-1018.19~18.04.1, 5.3.0-1019.20~18.04.1, 5.3.0-1028.29~18.04.1 |
| Ubuntu:22.04:LTS | linux-riscv | 5.15.0-1011.12, 0, 5.13.0-1004.4 |
| Ubuntu:22.04:LTS | linux-oem-5.17 | 5.17.0-1027.28, 5.17.0-1014.15, 5.17.0-1016.17 |
| Ubuntu:20.04:LTS | linux-oem-5.13 | 0, 5.13.0-1020.24, 5.13.0-1012.16 |
| Ubuntu:18.04:LTS | linux-oracle-5.0 | 0, *, 5.0.0-1011.16 |
| Ubuntu:20.04:LTS | linux-azure-5.8 | 5.8.0-1043.46~20.04.1, 5.8.0-1041.44~20.04.1, 5.8.0-1039.42~20.04.1 |
| Ubuntu:18.04:LTS | linux-oem | 4.15.0-1012.15, 4.15.0-1096.106, 4.15.0-1018.21 |
| Ubuntu:20.04:LTS | linux-oem-5.10 | 5.10.0-1011.12, 5.10.0-1016.17, 5.10.0-1008.9 |
| Ubuntu:20.04:LTS | linux-riscv-5.8 | 5.8.0-14.16~20.04.1, 5.8.0-20.22~20.04.1, * |
| Ubuntu:20.04:LTS | linux-gcp-5.11 | *, 5.11.0-1014.16~20.04.1, 5.11.0-1017.19~20.04.1 |
| Ubuntu:22.04:LTS | linux-oem-6.1 | 0, 6.1.0-1004.4, 6.1.0-1006.6 |
…and 44 more
Exploit Intelligence
- https://git.kernel.org/stable/c/c323b270a52a26aa8038a4d1fd9a850904a41166 (circl)
- https://git.kernel.org/stable/c/d791b90f5c5e5aa8ccf9e33386c16bd2b7e333a4 (circl)
- https://git.kernel.org/stable/c/c7ea772c9fcf711ed566814b92eecaffc0e2bfd0 (circl)
- https://git.kernel.org/stable/c/2c662660ce2bd3b09dae21a9a9ac9395e1e6c00b (circl)
Timeline
- Feb 28, 2024 CVE Published
- Feb 29, 2024 EPSS Score
- Mar 27, 2024 EPSS Score
- Apr 22, 2024 EPSS Score
- May 19, 2024 EPSS Score
- Jun 14, 2024 EPSS Score
- Jul 11, 2024 EPSS Score
- Aug 7, 2024 EPSS Score
- Sep 2, 2024 EPSS Score
- Sep 29, 2024 EPSS Score
- Oct 25, 2024 EPSS Score
- Nov 21, 2024 EPSS Score
References
- https://ubuntu.com/security/CVE-2020-36779 third-party-advisory
- https://git.kernel.org/linus/2c662660ce2bd3b09dae21a9a9ac9395e1e6c00b third-party-advisory
- https://git.kernel.org/stable/c/c323b270a52a26aa8038a4d1fd9a850904a41166 third-party-advisory
- https://git.kernel.org/stable/c/d791b90f5c5e5aa8ccf9e33386c16bd2b7e333a4 third-party-advisory
- https://git.kernel.org/stable/c/c7ea772c9fcf711ed566814b92eecaffc0e2bfd0 third-party-advisory
- https://git.kernel.org/stable/c/2c662660ce2bd3b09dae21a9a9ac9395e1e6c00b third-party-advisory
- https://www.cve.org/CVERecord?id=CVE-2020-36779 third-party-advisory