CVE-2022-49367
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2022-49367
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49367.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2022-49367
- Downstream
- Related
- Published
- 2025-02-26T07:01:13Z
- Modified
- 2025-08-09T20:01:27Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
net: dsa: mv88e6xxx: Fix refcount leak in mv88e6xxxmdiosregister
ofgetchildbyname() returns a node pointer with refcount incremented, we should use ofnodeput() on it when done.
mv88e6xxxmdioregister() pass the device node to ofmdiobusregister(). We don't need the device node after it.
Add missing ofnodeput() to avoid refcount leak.
- References
-
- https://git.kernel.org/stable/c/02ded5a173619b11728b8bf75a3fd995a2c1ff28
- https://git.kernel.org/stable/c/42658e47f1abbbe592007d3ba303de466114d0bb
- https://git.kernel.org/stable/c/86c3c5f8e4bd1325e24f6fba9017cade29933377
- https://git.kernel.org/stable/c/8a1a1255152da4fb934290e7ababc66f24985520
- https://git.kernel.org/stable/c/a101793994c0a14c70bb4e44c7fda597eeebba0a
- https://git.kernel.org/stable/c/c1df9cb756e5a9ba1841648c44ee5d92306b9c65
- https://git.kernel.org/stable/c/dc1cf8c6f9793546696fded437a5b4c84944c48b
- https://git.kernel.org/stable/c/e0d763d0c7665c7897e4f5a0847ab0c82543345f