CVE-2022-49185

In the Linux kernel, the following vulnerability has been resolved:

pinctrl: nomadik: Add missing of_node_put() in nmk_pinctrl_probe

This node pointer is returned by of_parse_phandle() with refcount
incremented in this function. Calling of_node_put() to avoid
the refcount leak.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
LinuxCNA
---
---
CISA-ADPADP
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 8%
VendorProductVersion
linuxlinux_kernel
3.9 ≤
𝑥
< 4.9.311
linuxlinux_kernel
4.10 ≤
𝑥
< 4.14.276
linuxlinux_kernel
4.15 ≤
𝑥
< 4.19.238
linuxlinux_kernel
4.20 ≤
𝑥
< 5.4.189
linuxlinux_kernel
5.5 ≤
𝑥
< 5.10.110
linuxlinux_kernel
5.11 ≤
𝑥
< 5.15.33
linuxlinux_kernel
5.16 ≤
𝑥
< 5.16.19
linuxlinux_kernel
5.17 ≤
𝑥
< 5.17.2
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
linux
bullseye
5.10.223-1
fixed
bullseye (security)
5.10.234-1
fixed
bookworm
6.1.123-1
fixed
bookworm (security)
6.1.128-1
fixed
trixie
6.12.12-1
fixed
sid
6.12.16-1
fixed
References
https://git.kernel.org/stable/c/0067ba448f1c29ca06e5aee00d8506889ed1f9d0
https://git.kernel.org/stable/c/0356d4b64a03d23daf99a2a29d7d7d91d6ec2ea8
https://git.kernel.org/stable/c/59250d547542f1c7765a78dc97ddfe5e6b0d2ab0
https://git.kernel.org/stable/c/62580a40c9bef3d8a90629c64dda381344b35ffd
https://git.kernel.org/stable/c/669b05ff43bd7ed684379c6e2006a6dad5127b71
https://git.kernel.org/stable/c/9511c6018cd772668def8b034bc67269847e591a
https://git.kernel.org/stable/c/bc1e29a35147c1ba6ea2b06a16cb0028f7c852d2
https://git.kernel.org/stable/c/c09ac191b1f97cfa06f394dbfd7a5db07986cefc
https://git.kernel.org/stable/c/c52703355766c347f270df222a744e0c491a02f2