CVE-2022-50576

Summary

In the Linux kernel, the following vulnerability has been resolved:

serial: pch: Fix PCI device refcount leak in pch_request_dma()

As comment of pci_get_slot() says, it returns a pci_device with its refcount increased. The caller must decrement the reference count by calling pci_dev_put().

Since 'dma_dev' is only used to filter the channel in filter(), we can call pci_dev_put() before exiting from pch_request_dma(). Add the missing pci_dev_put() for the normal and error path.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux3c6a483275f47a2ef7119309ad3d791c10cf30da < 90ff030ca10b69feeebda1427550ebf9ed2ad868affected
LinuxLinux3c6a483275f47a2ef7119309ad3d791c10cf30da < 56e5a7c5ee3f0dc8978b5df2b1a98a1b060c5e2aaffected
LinuxLinux3c6a483275f47a2ef7119309ad3d791c10cf30da < dfd15c5550b9190d5b0f9bcacb3e6436322f3854affected
LinuxLinux3c6a483275f47a2ef7119309ad3d791c10cf30da < d165388227aa7e46a9751b90bae6337b5335cdbbaffected
LinuxLinux3c6a483275f47a2ef7119309ad3d791c10cf30da < 07f4ca68b0f6bf84b6b391c14b59fd179fcde9c5affected
LinuxLinux3c6a483275f47a2ef7119309ad3d791c10cf30da < 6f7d82380fbeaed3a940efc33c23f0c4bbd0fc02affected
LinuxLinux3c6a483275f47a2ef7119309ad3d791c10cf30da < 4f5d28865c665c9064de631a518f9bc8099d9ce4affected
LinuxLinux3c6a483275f47a2ef7119309ad3d791c10cf30da < 516614a371c26e3334625b4bca19a5362bf658d6affected
LinuxLinux3c6a483275f47a2ef7119309ad3d791c10cf30da < 8be3a7bf773700534a6e8f87f6ed2ed111254be5affected
LinuxLinux2.6.38affected
LinuxLinux0 < 2.6.38unaffected
LinuxLinux4.9.337 <= 4.9.*unaffected
LinuxLinux4.14.303 <= 4.14.*unaffected
LinuxLinux4.19.270 <= 4.19.*unaffected
LinuxLinux5.4.229 <= 5.4.*unaffected
LinuxLinux5.10.163 <= 5.10.*unaffected
LinuxLinux5.15.86 <= 5.15.*unaffected
LinuxLinux6.0.16 <= 6.0.*unaffected
LinuxLinux6.1.2 <= 6.1.*unaffected
LinuxLinux6.2 <= *unaffected

Weaknesses

References