CVE-2022-48961

Summary

In the Linux kernel, the following vulnerability has been resolved:

net: mdio: fix unbalanced fwnode reference count in mdio_device_release()

There is warning report about of_node refcount leak while probing mdio device:

OF: ERROR: memory leak, expected refcount 1 instead of 2, of_node_get()/of_node_put() unbalanced - destroy cset entry: attach overlay node /spi/soc@0/mdio@710700c0/ethernet@4

In of_mdiobus_register_device(), we increase fwnode refcount by fwnode_handle_get() before associating the of_node with mdio device, but it has never been decreased in normal path. Since that, in mdio_device_release(), it needs to call fwnode_handle_put() in addition instead of calling kfree() directly.

After above, just calling mdio_device_free() in the error handle path of of_mdiobus_register_device() is enough to keep the refcount balanced.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxa9049e0c513c4521dbfaa302af8ed08b3366b41f < 16854177745a5648f8ec322353b432e18460f43aaffected
LinuxLinuxa9049e0c513c4521dbfaa302af8ed08b3366b41f < a5c6de1a6656b8cc6bce7cb3d9874dd7df4968c3affected
LinuxLinuxa9049e0c513c4521dbfaa302af8ed08b3366b41f < cb37617687f2bfa5b675df7779f869147c9002bdaffected
LinuxLinux4.5affected
LinuxLinux0 < 4.5unaffected
LinuxLinux5.15.83 <= 5.15.*unaffected
LinuxLinux6.0.13 <= 6.0.*unaffected
LinuxLinux6.1 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References