CVE-2022-50197

In the Linux kernel, the following vulnerability has been resolved: cpufreq: zynq: Fix refcount leak in zynq_get_revision of_find_compatible_node() returns a node pointer with refcount incremented, we should use of_node_put() on it when done. Add missing of_node_put() to avoid refcount leak.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/179034fb108e3655142f2af0c309cef171c34d68	Patch
https://git.kernel.org/stable/c/22e6d8bcde8e66b64f46bf9bd2d3d0f88d40c39f	Patch
https://git.kernel.org/stable/c/3b01353f1825151a29d08e0868b2bf01e1116ab5	Patch
https://git.kernel.org/stable/c/a530fa52d4fdffc5f010f90c05ac63019b8ff5f8	Patch
https://git.kernel.org/stable/c/d1ff2559cef0f6f8d97fba6337b28adb10689e16	Patch
https://git.kernel.org/stable/c/dcbb974254d2a27240c2e50185afdde90f923feb	Patch
https://git.kernel.org/stable/c/ecefd22d5db7ccb8bec2646e5d25e058fc33162a	Patch
https://git.kernel.org/stable/c/f52c9be1779d70037ae300762d19b08fe3656237	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::

History

19 Nov 2025, 12:47

Type	Values Removed	Values Added
CPE		cpe:2.3:o:linux:linux_kernel::::::::
First Time		Linux Linux linux Kernel
CWE		NVD-CWE-Other
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.5
Summary		(es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: cpufreq: zynq: Se corrige la fuga de recuento de referencias en zynq_get_revision. of_find_compatible_node() devuelve un puntero de nodo con el recuento de referencias incrementado; al finalizar, se debe usar of_node_put(). Se ha añadido la función of_node_put() que falta para evitar la fuga de recuento de referencias.
References	~~() https://git.kernel.org/stable/c/179034fb108e3655142f2af0c309cef171c34d68 -~~	() https://git.kernel.org/stable/c/179034fb108e3655142f2af0c309cef171c34d68 - Patch
References	~~() https://git.kernel.org/stable/c/22e6d8bcde8e66b64f46bf9bd2d3d0f88d40c39f -~~	() https://git.kernel.org/stable/c/22e6d8bcde8e66b64f46bf9bd2d3d0f88d40c39f - Patch
References	~~() https://git.kernel.org/stable/c/3b01353f1825151a29d08e0868b2bf01e1116ab5 -~~	() https://git.kernel.org/stable/c/3b01353f1825151a29d08e0868b2bf01e1116ab5 - Patch
References	~~() https://git.kernel.org/stable/c/a530fa52d4fdffc5f010f90c05ac63019b8ff5f8 -~~	() https://git.kernel.org/stable/c/a530fa52d4fdffc5f010f90c05ac63019b8ff5f8 - Patch
References	~~() https://git.kernel.org/stable/c/d1ff2559cef0f6f8d97fba6337b28adb10689e16 -~~	() https://git.kernel.org/stable/c/d1ff2559cef0f6f8d97fba6337b28adb10689e16 - Patch
References	~~() https://git.kernel.org/stable/c/dcbb974254d2a27240c2e50185afdde90f923feb -~~	() https://git.kernel.org/stable/c/dcbb974254d2a27240c2e50185afdde90f923feb - Patch
References	~~() https://git.kernel.org/stable/c/ecefd22d5db7ccb8bec2646e5d25e058fc33162a -~~	() https://git.kernel.org/stable/c/ecefd22d5db7ccb8bec2646e5d25e058fc33162a - Patch
References	~~() https://git.kernel.org/stable/c/f52c9be1779d70037ae300762d19b08fe3656237 -~~	() https://git.kernel.org/stable/c/f52c9be1779d70037ae300762d19b08fe3656237 - Patch

18 Jun 2025, 11:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-06-18 11:15

Updated : 2025-11-19 12:47

NVD link : CVE-2022-50197

Mitre link : CVE-2022-50197

CVE.ORG link : CVE-2022-50197

JSON object : View

Products Affected

linux

linux_kernel

CWE

NVD-CWE-Other

5.5 /10