CVE-2022-50176

In the Linux kernel, the following vulnerability has been resolved: drm/mcde: Fix refcount leak in mcde_dsi_bind Every iteration of for_each_available_child_of_node() decrements the reference counter of the previous node. There is no decrement when break out from the loop and results in refcount leak. Add missing of_node_put() to fix this.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/3123ae6fdd4013d24a3a4877084b14e917faae5c	Patch
https://git.kernel.org/stable/c/32c827e30bb44ae809950a9efab59e98e44d30e5	Patch
https://git.kernel.org/stable/c/3a149169e4a2f9127022fec6ef5d71b4e804b3b9	Patch
https://git.kernel.org/stable/c/7214902de5b1fb2b632a7b8b3b9540e41aabab38	Patch
https://git.kernel.org/stable/c/87c35bbefdfa3c5edfb8c80f5c04717aaacc629d	Patch
https://git.kernel.org/stable/c/f57699a9b66ea11f000f56d1f1179059239b8690	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::

History

No history.

Information

Published : 2025-06-18 11:15

Updated : 2025-11-25 20:22

NVD link : CVE-2022-50176

Mitre link : CVE-2022-50176

CVE.ORG link : CVE-2022-50176

JSON object : View

Products Affected

linux

linux_kernel

CWE

NVD-CWE-Other

{"id": "CVE-2022-50176", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2025-06-18T11:15:47.993", "references": [{"url": "https://git.kernel.org/stable/c/3123ae6fdd4013d24a3a4877084b14e917faae5c", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/32c827e30bb44ae809950a9efab59e98e44d30e5", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/3a149169e4a2f9127022fec6ef5d71b4e804b3b9", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/7214902de5b1fb2b632a7b8b3b9540e41aabab38", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/87c35bbefdfa3c5edfb8c80f5c04717aaacc629d", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/f57699a9b66ea11f000f56d1f1179059239b8690", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/mcde: Fix refcount leak in mcde_dsi_bind\n\nEvery iteration of for_each_available_child_of_node() decrements\nthe reference counter of the previous node. There is no decrement\nwhen break out from the loop and results in refcount leak.\nAdd missing of_node_put() to fix this."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/mcde: Se corrige la fuga de recuento de referencias en mcde_dsi_bind. Cada iteraci\u00f3n de for_each_available_child_of_node() decrementa el contador de referencias del nodo anterior. No se produce decremento al salir del bucle, lo que provoca una fuga de recuento de referencias. Para solucionar esto, se ha a\u00f1adido la funci\u00f3n of_node_put() (faltante)."}], "lastModified": "2025-11-25T20:22:31.863", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DABFD37F-7E0C-41E0-9811-29A4EF9C11FB", "versionEndExcluding": "5.4.211", "versionStartIncluding": "5.3"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C2BF720F-C5EE-4DE2-9BDF-CE4CFBC767F4", "versionEndExcluding": "5.10.137", "versionStartIncluding": "5.5"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "51861563-7F40-460F-82CD-2D3FBDAD6618", "versionEndExcluding": "5.15.61", "versionStartIncluding": "5.11"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5B42E453-8837-49D0-A5EF-03F818A6DC11", "versionEndExcluding": "5.18.18", "versionStartIncluding": "5.16"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A1A2A5A5-4598-4D7E-BA07-4660398D6C8F", "versionEndExcluding": "5.19.2", "versionStartIncluding": "5.19"}], "operator": "OR"}]}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}