Resource Leak Affecting kernel-bootwrapper package, versions *
Threat Intelligence
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-CENTOS7-KERNELBOOTWRAPPER-6319467
- published 29 Feb 2024
- disclosed 28 Feb 2024
Introduced: 28 Feb 2024
CVE-2020-36782 Open this link in a new tabHow to fix?
There is no fixed version for Centos:7 kernel-bootwrapper.
NVD Description
Note: Versions mentioned in the description apply only to the upstream kernel-bootwrapper package and not the kernel-bootwrapper package as distributed by Centos.
See How to fix? for Centos:7 relevant fixed versions and status.
In the Linux kernel, the following vulnerability has been resolved:
i2c: imx-lpi2c: fix reference leak when pm_runtime_get_sync fails
The PM reference count is not expected to be incremented on return in lpi2c_imx_master_enable.
However, pm_runtime_get_sync will increment the PM reference count even failed. Forgetting to putting operation will result in a reference leak here.
Replace it with pm_runtime_resume_and_get to keep usage counter balanced.
References
- https://access.redhat.com/security/cve/CVE-2020-36782
- https://git.kernel.org/stable/c/278e5bbdb9a94fa063c0f9bcde2479d0b8042462
- https://git.kernel.org/stable/c/815859cb1d2302e74f11bf6894bceace9ca9eb4a
- https://git.kernel.org/stable/c/b100650d80cd2292f6c152f5f2943b5944b3e8ce
- https://git.kernel.org/stable/c/bb300acc867e937edc2a6898e92b21f88e4e4e66
- https://git.kernel.org/stable/c/cc49d206414240483bb93ffa3d80243e6a776916