CVE-2022-49397

In the Linux kernel, the following vulnerability has been resolved:

phy: qcom-qmp: fix struct clk leak on probe errors

Make sure to release the pipe clock reference in case of a late probe
error (e.g. probe deferral).
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
LinuxCNA
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 6%
VendorProductVersion
linuxlinux_kernel
4.12 ≤
𝑥
< 4.14.283
linuxlinux_kernel
4.15 ≤
𝑥
< 4.19.247
linuxlinux_kernel
4.20 ≤
𝑥
< 5.4.198
linuxlinux_kernel
5.5 ≤
𝑥
< 5.10.121
linuxlinux_kernel
5.11 ≤
𝑥
< 5.15.46
linuxlinux_kernel
5.16 ≤
𝑥
< 5.17.14
linuxlinux_kernel
5.18 ≤
𝑥
< 5.18.3
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
linux
bullseye
5.10.223-1
fixed
bullseye (security)
5.10.234-1
fixed
bookworm
6.1.123-1
fixed
bookworm (security)
6.1.128-1
fixed
trixie
6.12.12-1
fixed
sid
6.12.16-1
fixed
Common Weakness Enumeration
Vulnerability Media Exposure
References
https://git.kernel.org/stable/c/1668ad103679306ba2ef37f758d704e58a3ef1a0
https://git.kernel.org/stable/c/621a4bcfb7aa031e7760d7b156bad7a45df58387
https://git.kernel.org/stable/c/6f3673c8d8eff0c4ab5a5ee0d3ca9717d85419b4
https://git.kernel.org/stable/c/ad9b0fad02f9b3a06ad5ac7df11f244e316a6254
https://git.kernel.org/stable/c/b246695636a861a09f0e2cde92bb2dd8f114f024
https://git.kernel.org/stable/c/b999d48b0869b8599de532ff6081575a7ab5358a
https://git.kernel.org/stable/c/f0a4bc38a12f5a0cc5ad68670d9480e91e6a94df
https://git.kernel.org/stable/c/f8d23895a41243c6a8dbf392e531fff9497bb023