CVE-2022-49421

In the Linux kernel, the following vulnerability has been resolved: video: fbdev: clcdfb: Fix refcount leak in clcdfb_of_vram_setup of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of_node_put() to avoid refcount leak.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/2e2e2c71b2642289438392edbf5d08cdbc0b138b	Patch
https://git.kernel.org/stable/c/38d245cebf545338a6bc1c7762023de3fbecd7b7	Patch
https://git.kernel.org/stable/c/51eb1bb6baeb478538dd4ec6459fd68c44a855b1	Patch
https://git.kernel.org/stable/c/6c92711db7c90f78e0b67ac2a8944d0fe7e12d83	Patch
https://git.kernel.org/stable/c/8db59df7f5826e104db82cfddbf22a33a151193e	Patch
https://git.kernel.org/stable/c/b23789a59fa6f00e98a319291819f91fbba0deb8	Patch
https://git.kernel.org/stable/c/bbb2a24e863b6a10129546a0a4ceea2f07deec39	Patch
https://git.kernel.org/stable/c/c1c4405222b6fc98c16e8c2aa679c14e41d81465	Patch
https://git.kernel.org/stable/c/f2dfb4ab887d67be7d0892ba041d3c8d738d3356	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::

History

No history.

Information

Published : 2025-02-26 07:01

Updated : 2025-09-22 20:02

NVD link : CVE-2022-49421

Mitre link : CVE-2022-49421

CVE.ORG link : CVE-2022-49421

JSON object : View

Products Affected

linux

linux_kernel

CWE

NVD-CWE-Other

{"id": "CVE-2022-49421", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2025-02-26T07:01:18.533", "references": [{"url": "https://git.kernel.org/stable/c/2e2e2c71b2642289438392edbf5d08cdbc0b138b", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/38d245cebf545338a6bc1c7762023de3fbecd7b7", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/51eb1bb6baeb478538dd4ec6459fd68c44a855b1", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/6c92711db7c90f78e0b67ac2a8944d0fe7e12d83", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/8db59df7f5826e104db82cfddbf22a33a151193e", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/b23789a59fa6f00e98a319291819f91fbba0deb8", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/bbb2a24e863b6a10129546a0a4ceea2f07deec39", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/c1c4405222b6fc98c16e8c2aa679c14e41d81465", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/f2dfb4ab887d67be7d0892ba041d3c8d738d3356", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nvideo: fbdev: clcdfb: Fix refcount leak in clcdfb_of_vram_setup\n\nof_parse_phandle() returns a node pointer with refcount incremented, we should\nuse of_node_put() on it when not need anymore. Add missing of_node_put() to\navoid refcount leak."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: video: fbdev: clcdfb: Se corrige la p\u00e9rdida de recuento de referencias en clcdfb_of_vram_setup of_parse_phandle() devuelve un puntero de nodo con el recuento de referencias incrementado, deber\u00edamos usar of_node_put() en \u00e9l cuando ya no lo necesitemos. Agregue of_node_put() faltante para evitar la p\u00e9rdida de recuento de referencias."}], "lastModified": "2025-09-22T20:02:14.963", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C716866D-6557-4910-9D02-0C0C8FDCD779", "versionEndExcluding": "4.9.318", "versionStartIncluding": "3.17"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D6823775-2653-4644-A0D4-4E6E68F10C65", "versionEndExcluding": "4.14.283", "versionStartIncluding": "4.10"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B8CFA0F4-2D75-41F4-9753-87944A08B53B", "versionEndExcluding": "4.19.247", "versionStartIncluding": "4.15"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3EC49633-14DE-4EBD-BB80-76AE2E3EABB9", "versionEndExcluding": "5.4.198", "versionStartIncluding": "4.20"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "34ACD872-E5BC-401C-93D5-B357A62426E0", "versionEndExcluding": "5.10.121", "versionStartIncluding": "5.5"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "20D41697-0E8B-4B7D-8842-F17BF2AA21E1", "versionEndExcluding": "5.15.46", "versionStartIncluding": "5.11"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "15E2DD33-2255-4B76-9C15-04FF8CBAB252", "versionEndExcluding": "5.17.14", "versionStartIncluding": "5.16"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8E122216-2E9E-4B3E-B7B8-D575A45BA3C2", "versionEndExcluding": "5.18.3", "versionStartIncluding": "5.18"}], "operator": "OR"}]}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}