CVE-2022-48656

Summary

In the Linux kernel, the following vulnerability has been resolved:

dmaengine: ti: k3-udma-private: Fix refcount leak bug in of_xudma_dev_get()

We should call of_node_put() for the reference returned by of_parse_phandle() in fail path or when it is not used anymore. Here we only need to move the of_node_put() before the check.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxd702419134133db1eab2067dc6ea5723467fd917 < aa11dae059a439af82bae541b134f8f53ac177b5affected
LinuxLinuxd702419134133db1eab2067dc6ea5723467fd917 < dd5a6c5a08752b613e83ad2cb5133e72a64b876daffected
LinuxLinuxd702419134133db1eab2067dc6ea5723467fd917 < a17df55bf6d536712da6902a83db82b82e67d5a2affected
LinuxLinuxd702419134133db1eab2067dc6ea5723467fd917 < f9fdb0b86f087c2b7f6c6168dd0985a3c1eda87eaffected
LinuxLinux5.6affected
LinuxLinux0 < 5.6unaffected
LinuxLinux5.10.146 <= 5.10.*unaffected
LinuxLinux5.15.71 <= 5.15.*unaffected
LinuxLinux5.19.12 <= 5.19.*unaffected
LinuxLinux6.0 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References