CVE-2022-49447

In the Linux kernel, the following vulnerability has been resolved:

ARM: hisi: Add missing of_node_put after of_find_compatible_node

of_find_compatible_node  will increment the refcount of the returned
device_node. Calling of_node_put() to avoid the refcount leak
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
LinuxCNA
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 3%
VendorProductVersion
linuxlinux_kernel
𝑥
< 4.9.318
linuxlinux_kernel
4.10 ≤
𝑥
< 4.14.283
linuxlinux_kernel
4.15 ≤
𝑥
< 4.19.247
linuxlinux_kernel
4.20 ≤
𝑥
< 5.4.198
linuxlinux_kernel
5.5 ≤
𝑥
< 5.10.121
linuxlinux_kernel
5.11 ≤
𝑥
< 5.15.46
linuxlinux_kernel
5.16 ≤
𝑥
< 5.17.14
linuxlinux_kernel
5.18 ≤
𝑥
< 5.18.3
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
linux
bullseye
5.10.223-1
fixed
bullseye (security)
5.10.234-1
fixed
bookworm
6.1.123-1
fixed
bookworm (security)
6.1.128-1
fixed
trixie
6.12.12-1
fixed
sid
6.12.16-1
fixed
References
https://git.kernel.org/stable/c/21a3effe446dd6dc5eed7fe897c2f9b88c9a5d6d
https://git.kernel.org/stable/c/45d211668d33c49d73f5213e8c2b58468108647c
https://git.kernel.org/stable/c/46cb7868811d025c3d29c10d18b3422db1cf20d5
https://git.kernel.org/stable/c/9bc72e47d4630d58a840a66a869c56b29554cfe4
https://git.kernel.org/stable/c/a3265a9440030068547a20dfee646666f3ca5278
https://git.kernel.org/stable/c/cafaaae4bb9ce84a2791fa29bf6907a9466c3883
https://git.kernel.org/stable/c/dd4be8ecfb41a29e7c4e551b4e866157ce4a3429
https://git.kernel.org/stable/c/e109058165137ef42841abd989f080adfefa14fa
https://git.kernel.org/stable/c/f8da78b2bae1f54746647a2bb44f8bd6025c57af