CVE-2022-49668

Summary

In the Linux kernel, the following vulnerability has been resolved:

PM / devfreq: exynos-ppmu: Fix refcount leak in of_get_devfreq_events

of_get_child_by_name() returns a node pointer with refcount incremented, we should use of_node_put() on it when done. This function only calls of_node_put() in normal path, missing it in error paths. Add missing of_node_put() to avoid refcount leak.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxf262f28c147051e7aa6daaf4fb5996833ffadff4 < bdecd912e99acfd61507f1720d3f4eed1b3418d8affected
LinuxLinuxf262f28c147051e7aa6daaf4fb5996833ffadff4 < e65027fdebbacd40595e96ef7b5d2418f71bddf2affected
LinuxLinuxf262f28c147051e7aa6daaf4fb5996833ffadff4 < 01121e39ef537289926ae6f5374dce92c796d863affected
LinuxLinuxf262f28c147051e7aa6daaf4fb5996833ffadff4 < 194781229d4cbc804b8ded13156eb8addce87d6caffected
LinuxLinuxf262f28c147051e7aa6daaf4fb5996833ffadff4 < f44b799603a9b5d2e375b0b2d54dd0b791eddfc2affected
LinuxLinux4.0affected
LinuxLinux0 < 4.0unaffected
LinuxLinux5.4.204 <= 5.4.*unaffected
LinuxLinux5.10.129 <= 5.10.*unaffected
LinuxLinux5.15.53 <= 5.15.*unaffected
LinuxLinux5.18.10 <= 5.18.*unaffected
LinuxLinux5.19 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References