CVE-2024-36955

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2024-36955
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-36955.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-36955
Downstream
Related
Published
2024-05-30T15:35:49.256Z
Modified
2026-03-14T12:34:16.816745Z
Severity
  • 7.7 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H CVSS Calculator
Summary
ALSA: hda: intel-sdw-acpi: fix usage of device_get_named_child_node()
Details

In the Linux kernel, the following vulnerability has been resolved:

ALSA: hda: intel-sdw-acpi: fix usage of devicegetnamedchildnode()

The documentation for devicegetnamedchildnode() mentions this important point:

" The caller is responsible for calling fwnodehandleput() on the returned fwnode pointer. "

Add fwnodehandleput() to avoid a leaked reference.

Database specific 
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/36xxx/CVE-2024-36955.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
08c2a4bc9f2acaefbd0158866db5cb3238a68674
Fixed
bd2d9641a39e6b5244230c4b41c4aca83b54b377
Fixed
722d33c442e66e4aabd3e778958d696ff3a2777e
Fixed
7db626d2730d3d80fd31638169054b1e507f07bf
Fixed
7ef6ecf98ce309b1f4e5a25cddd5965d01feea07
Fixed
c158cf914713efc3bcdc25680c7156c48c12ef6a

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-36955.json"