CVE-2022-49787

Summary

In the Linux kernel, the following vulnerability has been resolved:

mmc: sdhci-pci: Fix possible memory leak caused by missing pci_dev_put()

pci_get_device() will increase the reference count for the returned pci_dev. We need to use pci_dev_put() to decrease the reference count before amd_probe() returns. There is no problem for the 'smbus_dev == NULL' branch because pci_dev_put() can also handle the NULL input parameter case.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux659c9bc114a810b3a3c1e50585cc57f1312a6d60 < 7570e5b5419ffd34b6dc45a88c51e113a9a187e3affected
LinuxLinux659c9bc114a810b3a3c1e50585cc57f1312a6d60 < 5dbd6378dbf96787d6dbcca44156c511ae085ea3affected
LinuxLinux659c9bc114a810b3a3c1e50585cc57f1312a6d60 < 27f712cd47d65e14cd52cc32a23d42aeef583d5daffected
LinuxLinux659c9bc114a810b3a3c1e50585cc57f1312a6d60 < 4423866d31a06a810db22062ed13389416a66b22affected
LinuxLinux659c9bc114a810b3a3c1e50585cc57f1312a6d60 < a99a547658e5d451f01ed307426286716b6f01bfaffected
LinuxLinux659c9bc114a810b3a3c1e50585cc57f1312a6d60 < 35bca18092685b488003509fef7055aa2d4f2ebcaffected
LinuxLinux659c9bc114a810b3a3c1e50585cc57f1312a6d60 < 222cfa0118aa68687ace74aab8fdf77ce8fbd7e6affected
LinuxLinux4.4affected
LinuxLinux0 < 4.4unaffected
LinuxLinux4.14.300 <= 4.14.*unaffected
LinuxLinux4.19.267 <= 4.19.*unaffected
LinuxLinux5.4.225 <= 5.4.*unaffected
LinuxLinux5.10.156 <= 5.10.*unaffected
LinuxLinux5.15.80 <= 5.15.*unaffected
LinuxLinux6.0.10 <= 6.0.*unaffected
LinuxLinux6.1 <= *unaffected

Weaknesses

References