CVE-2022-49477

high

Description

In the Linux kernel, the following vulnerability has been resolved: ASoC: samsung: Fix refcount leak in aries_audio_probe of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when done. If extcon_find_edev_by_node() fails, it doesn't call of_node_put() Calling of_node_put() after extcon_find_edev_by_node() to fix this.

References

https://git.kernel.org/stable/c/cacea459f95be22b3750f3b25b7a1c5897a68206

https://git.kernel.org/stable/c/bf4a9b2467b775717d0e9034ad916888e19713a3

https://git.kernel.org/stable/c/85d899f396622d3034643bf89615a78f9be7c91a

https://git.kernel.org/stable/c/70130bde3457d28c02c76b6cacc5d40a72dd6e17

https://git.kernel.org/stable/c/46d1b310a2d571811c4e08041ce287babb60b86a

Details

Source: Mitre, NVD

Published: 2025-02-26

Updated: 2025-02-26

Risk Information

CVSS v2

Base Score: 5.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:C

Severity: Medium

CVSS v3

Base Score: 7.1

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Severity: High