CVE-2020-36777

Summary

In the Linux kernel, the following vulnerability has been resolved:

media: dvbdev: Fix memory leak in dvb_media_device_free()

dvb_media_device_free() is leaking memory. Free dvbdev->adapter->conn before setting it to NULL, as documented in include/media/media-device.h: "The media_entity instance itself must be freed explicitly by the driver if required."

Affected Software

VendorProductVersion RangeStatus
LinuxLinux0230d60e4661d9ced6fb0b9a30f182ebdafbba7a < 06854b943e0571ccbd7ad0a529babed1a98ff275affected
LinuxLinux0230d60e4661d9ced6fb0b9a30f182ebdafbba7a < 32168ca1f123316848fffb85d059860adf3c409faffected
LinuxLinux0230d60e4661d9ced6fb0b9a30f182ebdafbba7a < cd89f79be5d553c78202f686e8e4caa5fbe94e98affected
LinuxLinux0230d60e4661d9ced6fb0b9a30f182ebdafbba7a < 9185b3b1c143b8da409c19ac5a785aa18d67a81baffected
LinuxLinux0230d60e4661d9ced6fb0b9a30f182ebdafbba7a < 43263fd43083e412311fa764cd04a727b0c6a749affected
LinuxLinux0230d60e4661d9ced6fb0b9a30f182ebdafbba7a < 9ad15e214fcd73694ea51967d86055f47b802066affected
LinuxLinux0230d60e4661d9ced6fb0b9a30f182ebdafbba7a < cede24d13be6c2a62be6d7ceea63c2719b0cfa82affected
LinuxLinux0230d60e4661d9ced6fb0b9a30f182ebdafbba7a < bf9a40ae8d722f281a2721779595d6df1c33a0bfaffected
LinuxLinux4.5affected
LinuxLinux0 < 4.5unaffected
LinuxLinux4.9.269 <= 4.9.*unaffected
LinuxLinux4.14.233 <= 4.14.*unaffected
LinuxLinux4.19.191 <= 4.19.*unaffected
LinuxLinux5.4.118 <= 5.4.*unaffected
LinuxLinux5.10.36 <= 5.10.*unaffected
LinuxLinux5.11.20 <= 5.11.*unaffected
LinuxLinux5.12.3 <= 5.12.*unaffected
LinuxLinux5.13 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References