CVE-2022-49609

Summary

In the Linux kernel, the following vulnerability has been resolved:

power/reset: arm-versatile: Fix refcount leak in versatile_reboot_probe

of_find_matching_node_and_match() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of_node_put() to avoid refcount leak.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux0e545f57b708630c54c8c5c24ea7f7034f6c40d9 < b4d224eec96a18fa8959512cd9e5b6a50bd16a41affected
LinuxLinux0e545f57b708630c54c8c5c24ea7f7034f6c40d9 < a9ed3ad3a8d1dfbc829d86edb3236873a315db11affected
LinuxLinux0e545f57b708630c54c8c5c24ea7f7034f6c40d9 < 6689754b121bd487f99680280102b3a5cd7374afaffected
LinuxLinux0e545f57b708630c54c8c5c24ea7f7034f6c40d9 < 78bdf732cf5d74d1c6ecda06830a91f80a4aef6faffected
LinuxLinux0e545f57b708630c54c8c5c24ea7f7034f6c40d9 < 493ceca3271316e74639c89ff8ac35883de64256affected
LinuxLinux0e545f57b708630c54c8c5c24ea7f7034f6c40d9 < 71ab83ac65e2d671552374123bf920c1d698335aaffected
LinuxLinux0e545f57b708630c54c8c5c24ea7f7034f6c40d9 < 49fa778ee044b00471dd9ccae5f6a121fffea1acaffected
LinuxLinux0e545f57b708630c54c8c5c24ea7f7034f6c40d9 < 80192eff64eee9b3bc0594a47381937b94b9d65aaffected
LinuxLinux3.18affected
LinuxLinux0 < 3.18unaffected
LinuxLinux4.9.325 <= 4.9.*unaffected
LinuxLinux4.14.290 <= 4.14.*unaffected
LinuxLinux4.19.254 <= 4.19.*unaffected
LinuxLinux5.4.208 <= 5.4.*unaffected
LinuxLinux5.10.134 <= 5.10.*unaffected
LinuxLinux5.15.58 <= 5.15.*unaffected
LinuxLinux5.18.15 <= 5.18.*unaffected
LinuxLinux5.19 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References