CVE-2022-49367

MEDIUM EPSS 15.9%
Published Feb 26, 20251y ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Feb 26, 2025 1y ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6xxx: Fix refcount leak in mv88e6xxx_mdios_register of_get_child_by_name() returns a node pointer with refcount incremented, we should use of_node_put() on it when done. mv88e6xxx_mdio_register() pass the device node to of_mdiobus_register(). We don't need the device node after it. Add missing of_node_put() to avoid refcount leak.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
15.9% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 7

VendorProductVersionRange
linuxlinux_kernel*≥4.11  –  <4.14.283
linuxlinux_kernel*≥4.15  –  <4.19.247
linuxlinux_kernel*≥4.20  –  <5.4.198
linuxlinux_kernel*≥5.5  –  <5.10.122
linuxlinux_kernel*≥5.11  –  <5.15.47
linuxlinux_kernel*≥5.16  –  <5.17.15
linuxlinux_kernel*≥5.18  –  <5.18.4

References 8

  • git.kernel.org https://git.kernel.org/stable/c/02ded5a173619b11728b8bf75a3fd995a2c1ff28
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/42658e47f1abbbe592007d3ba303de466114d0bb
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/86c3c5f8e4bd1325e24f6fba9017cade29933377
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/8a1a1255152da4fb934290e7ababc66f24985520
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a101793994c0a14c70bb4e44c7fda597eeebba0a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c1df9cb756e5a9ba1841648c44ee5d92306b9c65
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/dc1cf8c6f9793546696fded437a5b4c84944c48b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e0d763d0c7665c7897e4f5a0847ab0c82543345f
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/02ded5a173619b11728b8bf75a3fd995a2c1ff28
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/42658e47f1abbbe592007d3ba303de466114d0bb
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/86c3c5f8e4bd1325e24f6fba9017cade29933377
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/8a1a1255152da4fb934290e7ababc66f24985520
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/a101793994c0a14c70bb4e44c7fda597eeebba0a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c1df9cb756e5a9ba1841648c44ee5d92306b9c65
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/dc1cf8c6f9793546696fded437a5b4c84944c48b
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e0d763d0c7665c7897e4f5a0847ab0c82543345f
    Patch