CVE-2024-36959
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
30/05/2024
Last modified:
14/01/2025
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
pinctrl: devicetree: fix refcount leak in pinctrl_dt_to_map()<br />
<br />
If we fail to allocate propname buffer, we need to drop the reference<br />
count we just took. Because the pinctrl_dt_free_maps() includes the<br />
droping operation, here we call it directly.
Impact
Base Score 3.x
5.50
Severity 3.x
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 4.9.334 (including) | 4.10 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 4.14.300 (including) | 4.15 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 4.19.267 (including) | 4.19.314 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.4.225 (including) | 5.4.276 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.10.156 (including) | 5.10.217 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.15.80 (including) | 5.15.159 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.0.10 (including) | 6.1.91 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.2 (including) | 6.6.31 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.7 (including) | 6.8.10 (excluding) |
| cpe:2.3:o:linux:linux_kernel:6.9:rc1:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:6.9:rc2:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:6.9:rc3:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:6.9:rc4:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:6.9:rc5:*:*:*:*:*:* | ||
| cpe:2.3:o:linux:linux_kernel:6.9:rc6:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/026e24cf31733dbd97f41cc9bc5273ace428eeec
- https://git.kernel.org/stable/c/06780473cb8a858d1d6cab2673e021b072a852d1
- https://git.kernel.org/stable/c/35ab679e8bb5a81a4f922d3efbd43e32bce69274
- https://git.kernel.org/stable/c/47d253c485491caaf70d8cd8c0248ae26e42581f
- https://git.kernel.org/stable/c/518d5ddafeb084d6d9b1773ed85164300037d0e6
- https://git.kernel.org/stable/c/76aa2440deb9a35507590f2c981a69a57ecd305d
- https://git.kernel.org/stable/c/a0cedbcc8852d6c77b00634b81e41f17f29d9404
- https://git.kernel.org/stable/c/c7e02ccc9fdc496fe51e440e3e66ac36509ca049
- https://git.kernel.org/stable/c/026e24cf31733dbd97f41cc9bc5273ace428eeec
- https://git.kernel.org/stable/c/06780473cb8a858d1d6cab2673e021b072a852d1
- https://git.kernel.org/stable/c/35ab679e8bb5a81a4f922d3efbd43e32bce69274
- https://git.kernel.org/stable/c/47d253c485491caaf70d8cd8c0248ae26e42581f
- https://git.kernel.org/stable/c/518d5ddafeb084d6d9b1773ed85164300037d0e6
- https://git.kernel.org/stable/c/76aa2440deb9a35507590f2c981a69a57ecd305d
- https://git.kernel.org/stable/c/a0cedbcc8852d6c77b00634b81e41f17f29d9404
- https://git.kernel.org/stable/c/c7e02ccc9fdc496fe51e440e3e66ac36509ca049
- https://lists.debian.org/debian-lts-announce/2024/06/msg00019.html
- https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html