CVE-2022-48856

Summary

In the Linux kernel, the following vulnerability has been resolved:

gianfar: ethtool: Fix refcount leak in gfar_get_ts_info

The of_find_compatible_node() function returns a node pointer with refcount incremented, We should use of_node_put() on it when done Add the missing of_node_put() to release the refcount.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux7349a74ea75ca27606ead81df3ed67f1b32a94ba < 6263f2eb93a85ad7df504daf0c341a7fb6bbe8a6affected
LinuxLinux7349a74ea75ca27606ead81df3ed67f1b32a94ba < f7b3b520349193f8a82cca74daf366199e06add9affected
LinuxLinux7349a74ea75ca27606ead81df3ed67f1b32a94ba < 21044e679ed535345042d2023f7df0ca8e897e2aaffected
LinuxLinux7349a74ea75ca27606ead81df3ed67f1b32a94ba < f49f646f9ec296fc0afe7ae92c2bb47f23e3846caffected
LinuxLinux7349a74ea75ca27606ead81df3ed67f1b32a94ba < 0e1b9a2078e07fb1e6e91bf8badfd89ecab1e848affected
LinuxLinux7349a74ea75ca27606ead81df3ed67f1b32a94ba < 2ac5b58e645c66932438bb021cb5b52097ce70b0affected
LinuxLinux4.18affected
LinuxLinux0 < 4.18unaffected
LinuxLinux4.19.235 <= 4.19.*unaffected
LinuxLinux5.4.185 <= 5.4.*unaffected
LinuxLinux5.10.106 <= 5.10.*unaffected
LinuxLinux5.15.29 <= 5.15.*unaffected
LinuxLinux5.16.15 <= 5.16.*unaffected
LinuxLinux5.17 <= *unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References