CVE-2020-36777

MEDIUM

Linux Kernel 4.5.0-4.9.269 - Use-After-Free in dvb_media_device_free

Title source: llm
STIX 2.1

Description

In the Linux kernel, the following vulnerability has been resolved: media: dvbdev: Fix memory leak in dvb_media_device_free() dvb_media_device_free() is leaking memory. Free `dvbdev->adapter->conn` before setting it to NULL, as documented in include/media/media-device.h: "The media_entity instance itself must be freed explicitly by the driver if required."

References (8)

Core 8

Scores

CVSS v3 5.5
EPSS 0.0024
EPSS Percentile 15.1%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-401
Status published
Products (19)
Linux/Linux < 4.5
Linux/Linux 0230d60e4661d9ced6fb0b9a30f182ebdafbba7a - 06854b943e0571ccbd7ad0a529babed1a98ff275
Linux/Linux 0230d60e4661d9ced6fb0b9a30f182ebdafbba7a - 32168ca1f123316848fffb85d059860adf3c409f
Linux/Linux 0230d60e4661d9ced6fb0b9a30f182ebdafbba7a - 43263fd43083e412311fa764cd04a727b0c6a749
Linux/Linux 0230d60e4661d9ced6fb0b9a30f182ebdafbba7a - 9185b3b1c143b8da409c19ac5a785aa18d67a81b
Linux/Linux 0230d60e4661d9ced6fb0b9a30f182ebdafbba7a - 9ad15e214fcd73694ea51967d86055f47b802066
Linux/Linux 0230d60e4661d9ced6fb0b9a30f182ebdafbba7a - bf9a40ae8d722f281a2721779595d6df1c33a0bf
Linux/Linux 0230d60e4661d9ced6fb0b9a30f182ebdafbba7a - cd89f79be5d553c78202f686e8e4caa5fbe94e98
Linux/Linux 0230d60e4661d9ced6fb0b9a30f182ebdafbba7a - cede24d13be6c2a62be6d7ceea63c2719b0cfa82
Linux/Linux 4.14.233 - 4.14.*
... and 9 more
Published Feb 27, 2024
Tracked Since Feb 18, 2026