CVE-2022-49011

MEDIUM EPSS 14.4%
Published Oct 21, 20241y ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Oct 21, 2024 1y ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: hwmon: (coretemp) fix pci device refcount leak in nv1a_ram_new() As comment of pci_get_domain_bus_and_slot() says, it returns a pci device with refcount increment, when finish using it, the caller must decrement the reference count by calling pci_dev_put(). So call it after using to avoid refcount leak.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
14.4% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-401

Affected Products 14

VendorProductVersionRange
linuxlinux_kernel*≥3.14  –  <4.9.335
linuxlinux_kernel*≥4.10  –  <4.14.301
linuxlinux_kernel*≥4.15  –  <4.19.268
linuxlinux_kernel*≥4.20  –  <5.4.226
linuxlinux_kernel*≥5.5  –  <5.10.158
linuxlinux_kernel*≥5.11  –  <5.15.82
linuxlinux_kernel*≥5.16  –  <6.0.12
linuxlinux_kernel6.1any
linuxlinux_kernel6.1any
linuxlinux_kernel6.1any
linuxlinux_kernel6.1any
linuxlinux_kernel6.1any
linuxlinux_kernel6.1any
linuxlinux_kernel6.1any

References 8

  • git.kernel.org https://git.kernel.org/stable/c/0dd1da5a15eeecb2fe4cf131b3216fb455af783c
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/2f74cffc7c85f770b1b1833dccb03b8cde3be102
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/6e035d5a2a6b907cfce9a80c5f442c2e459cd34e
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/7dec14537c5906b8bf40fd6fd6d9c3850f8df11d
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/bb75a0d1223d43f97089841aecb28a9b4de687a9
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c40db1e5f316792b557d2be37e447c20d9ac4635
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ea5844f946b1ec5c0b7c115cd7684f34fd48021b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f598da27acbeee414679cacd14294db3e273e3d2
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/0dd1da5a15eeecb2fe4cf131b3216fb455af783c
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/2f74cffc7c85f770b1b1833dccb03b8cde3be102
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/6e035d5a2a6b907cfce9a80c5f442c2e459cd34e
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/7dec14537c5906b8bf40fd6fd6d9c3850f8df11d
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/bb75a0d1223d43f97089841aecb28a9b4de687a9
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c40db1e5f316792b557d2be37e447c20d9ac4635
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/ea5844f946b1ec5c0b7c115cd7684f34fd48021b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f598da27acbeee414679cacd14294db3e273e3d2
    Patch