CVE-2022-49656

In the Linux kernel, the following vulnerability has been resolved: ARM: meson: Fix refcount leak in meson_smp_prepare_cpus of_find_compatible_node() returns a node pointer with refcount incremented, we should use of_node_put() on it when done. Add missing of_node_put() to avoid refcount leak.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/2e1bcd33478ef44e63a45457055060b5fe4118ad	Patch
https://git.kernel.org/stable/c/34d2cd3fccced12b958b8848e3eff0ee4296764c	Patch
https://git.kernel.org/stable/c/3cf8ece9113242c10f83c7675ea4f4f67959ee43	Patch
https://git.kernel.org/stable/c/3d90607e7e6afa89768b0aaa915b58bd2b849276	Patch
https://git.kernel.org/stable/c/7208101ded1e9dcc52c8f0f8b16474211c871c1a	Patch
https://git.kernel.org/stable/c/c5fbf4f74c94fd60d5e9bf9f7f8268c3601562ca	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:5.19:rc1::::::
	cpe:2.3:o:linux:linux_kernel:5.19:rc2::::::
	cpe:2.3:o:linux:linux_kernel:5.19:rc3::::::
	cpe:2.3:o:linux:linux_kernel:5.19:rc4::::::
	cpe:2.3:o:linux:linux_kernel:5.19:rc5::::::

History

11 Mar 2025, 22:08

Type	Values Removed	Values Added
References	~~() https://git.kernel.org/stable/c/2e1bcd33478ef44e63a45457055060b5fe4118ad -~~	() https://git.kernel.org/stable/c/2e1bcd33478ef44e63a45457055060b5fe4118ad - Patch
References	~~() https://git.kernel.org/stable/c/34d2cd3fccced12b958b8848e3eff0ee4296764c -~~	() https://git.kernel.org/stable/c/34d2cd3fccced12b958b8848e3eff0ee4296764c - Patch
References	~~() https://git.kernel.org/stable/c/3cf8ece9113242c10f83c7675ea4f4f67959ee43 -~~	() https://git.kernel.org/stable/c/3cf8ece9113242c10f83c7675ea4f4f67959ee43 - Patch
References	~~() https://git.kernel.org/stable/c/3d90607e7e6afa89768b0aaa915b58bd2b849276 -~~	() https://git.kernel.org/stable/c/3d90607e7e6afa89768b0aaa915b58bd2b849276 - Patch
References	~~() https://git.kernel.org/stable/c/7208101ded1e9dcc52c8f0f8b16474211c871c1a -~~	() https://git.kernel.org/stable/c/7208101ded1e9dcc52c8f0f8b16474211c871c1a - Patch
References	~~() https://git.kernel.org/stable/c/c5fbf4f74c94fd60d5e9bf9f7f8268c3601562ca -~~	() https://git.kernel.org/stable/c/c5fbf4f74c94fd60d5e9bf9f7f8268c3601562ca - Patch
CPE		cpe:2.3:o:linux:linux_kernel:5.19:rc1:::::: cpe:2.3:o:linux:linux_kernel:5.19:rc5:::::: cpe:2.3:o:linux:linux_kernel:5.19:rc2:::::: cpe:2.3:o:linux:linux_kernel:::::::: cpe:2.3:o:linux:linux_kernel:5.19:rc4:::::: cpe:2.3:o:linux:linux_kernel:5.19:rc3::::::
First Time		Linux Linux linux Kernel
CWE		NVD-CWE-Other
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.5
Summary		(es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ARM: meson: Se corrige la pérdida de recuento de referencias en meson_smp_prepare_cpus of_find_compatible_node() devuelve un puntero de nodo con el recuento de referencias incrementado; cuando termine, debemos usar of_node_put() en él. Agregue el error of_node_put() faltante para evitar la pérdida de recuento de referencias.

26 Feb 2025, 07:01

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-02-26 07:01

Updated : 2025-03-11 22:08

NVD link : CVE-2022-49656

Mitre link : CVE-2022-49656

CVE.ORG link : CVE-2022-49656

JSON object : View

Products Affected

linux

linux_kernel

CWE

NVD-CWE-Other

5.5 /10