CVE-2022-49367

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2022-49367
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49367.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2022-49367
Downstream
Related
Published
2025-02-26T02:11:11.729Z
Modified
2026-03-20T12:22:22.890608Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
net: dsa: mv88e6xxx: Fix refcount leak in mv88e6xxx_mdios_register
Details

In the Linux kernel, the following vulnerability has been resolved:

net: dsa: mv88e6xxx: Fix refcount leak in mv88e6xxxmdiosregister

ofgetchildbyname() returns a node pointer with refcount incremented, we should use ofnodeput() on it when done.

mv88e6xxxmdioregister() pass the device node to ofmdiobusregister(). We don't need the device node after it.

Add missing ofnodeput() to avoid refcount leak.

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49367.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
a3c53be55c955b7150cda17874c3fcb4eeb97a89
Fixed
dc1cf8c6f9793546696fded437a5b4c84944c48b
Fixed
86c3c5f8e4bd1325e24f6fba9017cade29933377
Fixed
a101793994c0a14c70bb4e44c7fda597eeebba0a
Fixed
42658e47f1abbbe592007d3ba303de466114d0bb
Fixed
c1df9cb756e5a9ba1841648c44ee5d92306b9c65
Fixed
e0d763d0c7665c7897e4f5a0847ab0c82543345f
Fixed
8a1a1255152da4fb934290e7ababc66f24985520
Fixed
02ded5a173619b11728b8bf75a3fd995a2c1ff28

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49367.json"