CVE-2022-50825

Summary

In the Linux kernel, the following vulnerability has been resolved:

usb: typec: wusb3801: fix fwnode refcount leak in wusb3801_probe()

I got the following report while doing fault injection test:

OF: ERROR: memory leak, expected refcount 1 instead of 4, of_node_get()/of_node_put() unbalanced - destroy cset entry: attach overlay node /i2c/tcpc@60/connector

If wusb3801_hw_init() fails, fwnode_handle_put() needs be called to avoid refcount leak.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxd016cbe4d7acf5100df83ecf4d02db4e9f607c1d < de1e2eb7f102e3073714396414592a39efb66b3eaffected
LinuxLinuxd016cbe4d7acf5100df83ecf4d02db4e9f607c1d < 82d1211f673bbdc822eaf1dbcbf1f2ae06556964affected
LinuxLinuxd016cbe4d7acf5100df83ecf4d02db4e9f607c1d < dc18a4c7b3bd447cef2395deeb1f6ac16dfaca0eaffected
LinuxLinux5.18affected
LinuxLinux0 < 5.18unaffected
LinuxLinux6.0.16 <= 6.0.*unaffected
LinuxLinux6.1.2 <= 6.1.*unaffected
LinuxLinux6.2 <= *unaffected

Weaknesses

References