CVE-2022-49310

medium

Description

In the Linux kernel, the following vulnerability has been resolved: char: xillybus: fix a refcount leak in cleanup_dev() usb_get_dev is called in xillyusb_probe. So it is better to call usb_put_dev before xdev is released.

References

https://git.kernel.org/stable/c/e277b95acdab84cd5d2f8d537a37aef6d21e988b

https://git.kernel.org/stable/c/bc8fceda3b89006e8a7dda8a097d36045d044c25

https://git.kernel.org/stable/c/b67d19662fdee275c479d21853bc1239600a798f

https://git.kernel.org/stable/c/21f1f167d727f3f857e26d509ef5a6d47fd31bc3

Details

Source: Mitre, NVD

Published: 2025-02-26

Updated: 2025-02-26

Risk Information

CVSS v2

Base Score: 6.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:N/A:C

Severity: Medium

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H