VDB

CISA-2022-49242

CISA-2022-49242 PUBLISHED CVSS 5.5 MEDIUM

Reported by Linux · Published February 26, 2025

In the Linux kernel, the following vulnerability has been resolved: ASoC: mxs: Fix error handling in mxs_sgtl5000_probe This function only calls of_node_put() in the regular path. And it will cause refcount leak in error paths. For example, when codec_np is NULL, saif_np[0] and saif_np[1] are not NULL, it will cause leaks. of_node_put() will check if the node pointer is NULL, so we can call it directly to release the refcount of regular pointers.

Risk Scores

CVSS 3.1
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products

VendorProductVersions
LinuxLinuxe968194b45c4e8077dada75c5bae5660b37628fe, e968194b45c4e8077dada75c5bae5660b37628fe, e968194b45c4e8077dada75c5bae5660b37628fe
LinuxLinux3.5, 0, 4.9.311
linuxlinux_kernel3.5, 3.5, 3.5
LinuxLinuxe968194b45c4e8077dada75c5bae5660b37628fe, e968194b45c4e8077dada75c5bae5660b37628fe, e968194b45c4e8077dada75c5bae5660b37628fe

Timeline

  • Feb 26, 2025 CVE Published
  • May 4, 2025 CVE Updated

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›