CVE-2024-36955

Summary

In the Linux kernel, the following vulnerability has been resolved:

ALSA: hda: intel-sdw-acpi: fix usage of device_get_named_child_node()

The documentation for device_get_named_child_node() mentions this important point:

" The caller is responsible for calling fwnode_handle_put() on the returned fwnode pointer. "

Add fwnode_handle_put() to avoid a leaked reference.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux08c2a4bc9f2acaefbd0158866db5cb3238a68674 < bd2d9641a39e6b5244230c4b41c4aca83b54b377affected
LinuxLinux08c2a4bc9f2acaefbd0158866db5cb3238a68674 < 722d33c442e66e4aabd3e778958d696ff3a2777eaffected
LinuxLinux08c2a4bc9f2acaefbd0158866db5cb3238a68674 < 7db626d2730d3d80fd31638169054b1e507f07bfaffected
LinuxLinux08c2a4bc9f2acaefbd0158866db5cb3238a68674 < 7ef6ecf98ce309b1f4e5a25cddd5965d01feea07affected
LinuxLinux08c2a4bc9f2acaefbd0158866db5cb3238a68674 < c158cf914713efc3bcdc25680c7156c48c12ef6aaffected
LinuxLinux5.12affected
LinuxLinux0 < 5.12unaffected
LinuxLinux5.15.159 <= 5.15.*unaffected
LinuxLinux6.1.91 <= 6.1.*unaffected
LinuxLinux6.6.31 <= 6.6.*unaffected
LinuxLinux6.8.10 <= 6.8.*unaffected
LinuxLinux6.9 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References