CVE-2022-49684

Summary

In the Linux kernel, the following vulnerability has been resolved:

iio: adc: aspeed: Fix refcount leak in aspeed_adc_set_trim_data

of_find_node_by_name() returns a node pointer with refcount incremented, we should use of_node_put() on it when done. Add missing of_node_put() to avoid refcount leak.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxd0a4c17b40736b368f1f26602ad162e24b4108e7 < 9664491db50a84be92696c8fad2c3b49a7a5f36faffected
LinuxLinuxd0a4c17b40736b368f1f26602ad162e24b4108e7 < 8a2b6b5687984a010ed094b4f436a2f091987758affected
LinuxLinux5.16affected
LinuxLinux0 < 5.16unaffected
LinuxLinux5.18.8 <= 5.18.*unaffected
LinuxLinux5.19 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References