CVE-2022-49150

Summary

In the Linux kernel, the following vulnerability has been resolved:

rtc: gamecube: Fix refcount leak in gamecube_rtc_read_offset_from_sram

The of_find_compatible_node() function returns a node pointer with refcount incremented, We should use of_node_put() on it when done Add the missing of_node_put() to release the refcount.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux86559400b3ef9de93ba50523cffe767c35cd531a < de66e4f28dfd11f954966c447b4430529ed040a2affected
LinuxLinux86559400b3ef9de93ba50523cffe767c35cd531a < 4b2dc39ca024990abe36ad5d145c4fe0c06afd34affected
LinuxLinux5.17affected
LinuxLinux0 < 5.17unaffected
LinuxLinux5.17.2 <= 5.17.*unaffected
LinuxLinux5.18 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References