Memory Leak Affecting kernel-headers package, versions <0:4.18.0-553.5.1.el8_10
Threat Intelligence
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-ROCKY8-KERNELHEADERS-7261901
- published 15 Jun 2024
- disclosed 27 Feb 2024
Introduced: 27 Feb 2024
CVE-2020-36777 Open this link in a new tabHow to fix?
Upgrade Rocky-Linux:8 kernel-headers to version 0:4.18.0-553.5.1.el8_10 or higher.
This issue was patched in RLSA-2024:3618.
NVD Description
Note: Versions mentioned in the description apply only to the upstream kernel-headers package and not the kernel-headers package as distributed by Rocky-Linux.
See How to fix? for Rocky-Linux:8 relevant fixed versions and status.
In the Linux kernel, the following vulnerability has been resolved:
media: dvbdev: Fix memory leak in dvb_media_device_free()
dvb_media_device_free() is leaking memory. Free dvbdev->adapter->conn
before setting it to NULL, as documented in include/media/media-device.h:
"The media_entity instance itself must be freed explicitly by the driver
if required."
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36777
- https://git.kernel.org/stable/c/06854b943e0571ccbd7ad0a529babed1a98ff275
- https://git.kernel.org/stable/c/32168ca1f123316848fffb85d059860adf3c409f
- https://git.kernel.org/stable/c/43263fd43083e412311fa764cd04a727b0c6a749
- https://git.kernel.org/stable/c/9185b3b1c143b8da409c19ac5a785aa18d67a81b
- https://git.kernel.org/stable/c/9ad15e214fcd73694ea51967d86055f47b802066
- https://git.kernel.org/stable/c/bf9a40ae8d722f281a2721779595d6df1c33a0bf
- https://git.kernel.org/stable/c/cd89f79be5d553c78202f686e8e4caa5fbe94e98
- https://git.kernel.org/stable/c/cede24d13be6c2a62be6d7ceea63c2719b0cfa82