CVE-2022-49652

Summary

In the Linux kernel, the following vulnerability has been resolved:

dmaengine: ti: Fix refcount leak in ti_dra7_xbar_route_allocate

of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when not needed anymore.

Add missing of_node_put() in to fix this.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxec9bfa1e1a796ef7acc2e55917c9b8be5a79e70e < 452b9dfd7aca96befce22634fadb111737f22bbeaffected
LinuxLinuxec9bfa1e1a796ef7acc2e55917c9b8be5a79e70e < 61b4ef19c346dc21ab1d4f39f5c412e3037b2bdcaffected
LinuxLinuxec9bfa1e1a796ef7acc2e55917c9b8be5a79e70e < 3bd66010398871807c1cebacee07d60ded1b1402affected
LinuxLinuxec9bfa1e1a796ef7acc2e55917c9b8be5a79e70e < b31ab132561c7f1b6459039152b8d09e44eb3565affected
LinuxLinuxec9bfa1e1a796ef7acc2e55917c9b8be5a79e70e < 37147e22cd8dfc0412495cb361708836157a4486affected
LinuxLinuxec9bfa1e1a796ef7acc2e55917c9b8be5a79e70e < cb9813d7eae917acd34436160a278b8b5d48ca53affected
LinuxLinuxec9bfa1e1a796ef7acc2e55917c9b8be5a79e70e < b5a817f8d62e9e13280928f3756e54854ae4962eaffected
LinuxLinuxec9bfa1e1a796ef7acc2e55917c9b8be5a79e70e < c132fe78ad7b4ce8b5d49a501a15c29d08eeb23aaffected
LinuxLinux4.5affected
LinuxLinux0 < 4.5unaffected
LinuxLinux4.9.323 <= 4.9.*unaffected
LinuxLinux4.14.288 <= 4.14.*unaffected
LinuxLinux4.19.252 <= 4.19.*unaffected
LinuxLinux5.4.205 <= 5.4.*unaffected
LinuxLinux5.10.130 <= 5.10.*unaffected
LinuxLinux5.15.54 <= 5.15.*unaffected
LinuxLinux5.18.11 <= 5.18.*unaffected
LinuxLinux5.19 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References