CVE-2022-49113

Summary

In the Linux kernel, the following vulnerability has been resolved:

powerpc/secvar: fix refcount leak in format_show()

Refcount leak will happen when format_show returns failure in multiple cases. Unified management of of_node_put can fix this problem.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxbd5d9c743d38f67d64ea1b512a461f6b5a5f6bec < 02222bf4f0a27f6eba66d1f597cdb5daadd51829affected
LinuxLinuxbd5d9c743d38f67d64ea1b512a461f6b5a5f6bec < 2a71e3ecd829a82013cf095c55068c61d991e885affected
LinuxLinuxbd5d9c743d38f67d64ea1b512a461f6b5a5f6bec < c105ffb6b9744158e37e9f81f0f38861951d1c1faffected
LinuxLinuxbd5d9c743d38f67d64ea1b512a461f6b5a5f6bec < d05e4265d33af60b39606c20c731e3e719bfe3d6affected
LinuxLinuxbd5d9c743d38f67d64ea1b512a461f6b5a5f6bec < d601fd24e6964967f115f036a840f4f28488f63faffected
LinuxLinux5.5affected
LinuxLinux0 < 5.5unaffected
LinuxLinux5.10.111 <= 5.10.*unaffected
LinuxLinux5.15.34 <= 5.15.*unaffected
LinuxLinux5.16.20 <= 5.16.*unaffected
LinuxLinux5.17.3 <= 5.17.*unaffected
LinuxLinux5.18 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References