CVE-2022-49712

Summary

In the Linux kernel, the following vulnerability has been resolved:

usb: gadget: lpc32xx_udc: Fix refcount leak in lpc32xx_udc_probe

of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of_node_put() to avoid refcount leak. of_node_put() will check NULL pointer.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux24a28e4283510dcd58890379a42b8a7d3201d9d3 < d85e4e6284a91aa2d1ab004e9d84b9c09b4aa203affected
LinuxLinux24a28e4283510dcd58890379a42b8a7d3201d9d3 < 0ef6917c0524da5b88496b9706628ffef108b9bbaffected
LinuxLinux24a28e4283510dcd58890379a42b8a7d3201d9d3 < 2a598da14856ead80c726b38ba426c68637d9211affected
LinuxLinux24a28e4283510dcd58890379a42b8a7d3201d9d3 < b75bddfcc18170ce8e3fb695a76ec2dec4ce0ea5affected
LinuxLinux24a28e4283510dcd58890379a42b8a7d3201d9d3 < 57901c658f77d9ea2e772f35cb38e47efb54c558affected
LinuxLinux24a28e4283510dcd58890379a42b8a7d3201d9d3 < 46da1e4a8b6329479433b2a4056941dfdd7f3efdaffected
LinuxLinux24a28e4283510dcd58890379a42b8a7d3201d9d3 < 727c82d003e0ec64411fd1257a9a57de4ad7a99aaffected
LinuxLinux24a28e4283510dcd58890379a42b8a7d3201d9d3 < 4757c9ade34178b351580133771f510b5ffcf9c8affected
LinuxLinux3.5affected
LinuxLinux0 < 3.5unaffected
LinuxLinux4.9.320 <= 4.9.*unaffected
LinuxLinux4.14.285 <= 4.14.*unaffected
LinuxLinux4.19.249 <= 4.19.*unaffected
LinuxLinux5.4.200 <= 5.4.*unaffected
LinuxLinux5.10.124 <= 5.10.*unaffected
LinuxLinux5.15.49 <= 5.15.*unaffected
LinuxLinux5.18.6 <= 5.18.*unaffected
LinuxLinux5.19 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References