CVE-2022-49246

medium

Description

In the Linux kernel, the following vulnerability has been resolved: ASoC: atmel: Fix error handling in snd_proto_probe The device_node pointer is returned by of_parse_phandle() with refcount incremented. We should use of_node_put() on it when done. This function only calls of_node_put() in the regular path. And it will cause refcount leak in error paths. Fix this by calling of_node_put() in error handling too.

References

https://git.kernel.org/stable/c/f32ac9bf5e3f594ef9bfedb410aebc98cf784e69

https://git.kernel.org/stable/c/b0bfaf0544d08d093d6211d7ef8816fb0b5b6c75

https://git.kernel.org/stable/c/8fa969cd8485031294f91fc7184399000cae6355

https://git.kernel.org/stable/c/0f517480d5888cd54487c5662ce4da95b30ad798

Details

Source: Mitre, NVD

Published: 2025-02-26

Updated: 2025-02-26

Risk Information

CVSS v2

Base Score: 4.9

Vector: CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C

Severity: Medium

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Severity: Medium