CVE-2022-49002

In the Linux kernel, the following vulnerability has been resolved:

iommu/vt-d: Fix PCI device refcount leak in dmar_dev_scope_init()

for_each_pci_dev() is implemented by pci_get_device(). The comment of
pci_get_device() says that it will increase the reference count for the
returned pci_dev and also decrease the reference count for the input
pci_dev @from if it is not NULL.

If we break for_each_pci_dev() loop with pdev not NULL, we need to call
pci_dev_put() to decrease the reference count. Add the missing
pci_dev_put() for the error path to avoid reference count leak.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
LinuxCNA
---
---
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 12%
VendorProductVersion
linuxlinux_kernel
3.15 ≤
𝑥
< 4.9.335
linuxlinux_kernel
4.10 ≤
𝑥
< 4.14.301
linuxlinux_kernel
4.15 ≤
𝑥
< 4.19.268
linuxlinux_kernel
4.20 ≤
𝑥
< 5.4.226
linuxlinux_kernel
5.5 ≤
𝑥
< 5.10.158
linuxlinux_kernel
5.11 ≤
𝑥
< 5.15.82
linuxlinux_kernel
5.16 ≤
𝑥
< 6.0.12
linuxlinux_kernel
6.1:rc1
linuxlinux_kernel
6.1:rc2
linuxlinux_kernel
6.1:rc3
linuxlinux_kernel
6.1:rc4
linuxlinux_kernel
6.1:rc5
linuxlinux_kernel
6.1:rc6
linuxlinux_kernel
6.1:rc7
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
linux
bullseye
5.10.223-1
fixed
bullseye (security)
5.10.226-1
fixed
bookworm
6.1.106-3
fixed
bookworm (security)
6.1.112-1
fixed
sid
6.11.5-1
fixed
trixie
6.11.5-1
fixed
References
https://git.kernel.org/stable/c/2a8f7b90681472948de172dbbf5a54cd342870aa
https://git.kernel.org/stable/c/4bedbbd782ebbe7287231fea862c158d4f08a9e3
https://git.kernel.org/stable/c/71c4a621985fc051ab86d3a86c749069a993fcb2
https://git.kernel.org/stable/c/876d7bfb89273997056220029ff12b1c2cc4691d
https://git.kernel.org/stable/c/a5c65cd56aed027f8a97fda8b691caaeb66d115e
https://git.kernel.org/stable/c/bdb613ef179ad4bb9d56a2533e9b30e434f1dfb7
https://git.kernel.org/stable/c/cbdd83bd2fd67142b03ce9dbdd1eab322ff7321f
https://git.kernel.org/stable/c/d47bc9d7bcdbb9adc9703513d964b514fee5b0bf