CVE-2024-36959

Published May 30, 2024

Last updated a month ago

CVSS medium 5.5

Overview

Description: In the Linux kernel, the following vulnerability has been resolved: pinctrl: devicetree: fix refcount leak in pinctrl_dt_to_map() If we fail to allocate propname buffer, we need to drop the reference count we just took. Because the pinctrl_dt_free_maps() includes the droping operation, here we call it directly.
Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 5.5
Impact score: 3.6
Exploitability score: 1.8
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Severity: MEDIUM

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8DC8B6A5-A0C7-40BC-A3F8-79322ADB0AD1",
            "versionEndExcluding": "4.10",
            "versionStartIncluding": "4.9.334"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4586CC4A-45D3-4A21-89F2-797E54C6401B",
            "versionEndExcluding": "4.15",
            "versionStartIncluding": "4.14.300"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "83754EE5-4EBA-43B5-8F14-87E6715618BD",
            "versionEndExcluding": "4.19.314",
            "versionStartIncluding": "4.19.267"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D1230C41-5D1A-4B50-9E6F-518379B1CF06",
            "versionEndExcluding": "5.4.276",
            "versionStartIncluding": "5.4.225"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B68D8280-0B44-49CA-8729-F798A590889D",
            "versionEndExcluding": "5.10.217",
            "versionStartIncluding": "5.10.156"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "76A5CE89-4437-4DAD-B527-EACB3D0E219D",
            "versionEndExcluding": "5.15.159",
            "versionStartIncluding": "5.15.80"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F37E157A-0DEA-44AD-A51B-6F8D4A77326A",
            "versionEndExcluding": "6.1.91",
            "versionStartIncluding": "6.0.10"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CDDB1F69-36AC-41C1-9192-E7CCEF5FFC00",
            "versionEndExcluding": "6.6.31",
            "versionStartIncluding": "6.2"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6A6B920C-8D8F-4130-86B4-AD334F4CF2E3",
            "versionEndExcluding": "6.8.10",
            "versionStartIncluding": "6.7"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "22BEDD49-2C6D-402D-9DBF-6646F6ECD10B"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DF73CB2A-DFFD-46FB-9BFE-AA394F27EA37"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "52048DDA-FC5A-4363-95A0-A6357B4D7F8C"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A06B2CCF-3F43-4FA9-8773-C83C3F5764B2"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F850DCEC-E08B-4317-A33B-D2DCF39F601B"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:6.9:rc6:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "91326417-E981-482E-A5A3-28BC1327521B"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References