CVE-2022-49752
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2022-49752
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-49752.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2022-49752
- Downstream
- Published
- 2025-03-27T16:43:00Z
- Modified
- 2025-10-21T10:56:38.026242Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- device property: fix of node refcount leak in fwnode_graph_get_next_endpoint()
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
device property: fix of node refcount leak in fwnodegraphgetnextendpoint()
The 'parent' returned by fwnodegraphgetportparent() with refcount incremented when 'prev' is not NULL, it needs be put when finish using it.
Because the parent is const, introduce a new variable to store the returned fwnode, then put it before returning from fwnodegraphgetnextendpoint().
- References
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedb5b41ab6b0c1bb70fe37a0d193006c969e3b5909Fixed7701a4bd45c11f9a289d8f262fad05705a012339
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedb5b41ab6b0c1bb70fe37a0d193006c969e3b5909Fixede75485fc589ec729cc182aa9b41dfb6c15ae6f6e
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducedb5b41ab6b0c1bb70fe37a0d193006c969e3b5909Fixed39af728649b05e88a2b40e714feeee6451c3f18e
Affected versions
v5.*
v5.14
v5.14-rc7
v5.15
v5.15-rc1
v5.15-rc2
v5.15-rc3
v5.15-rc4
v5.15-rc5
v5.15-rc6
v5.15-rc7
v5.15.1
v5.15.10
v5.15.11
v5.15.12
v5.15.13
v5.15.14
v5.15.15
v5.15.16
v5.15.17
v5.15.18
v5.15.19
v5.15.2
v5.15.20
v5.15.21
v5.15.22
v5.15.23
v5.15.24
v5.15.25
v5.15.26
v5.15.27
v5.15.28
v5.15.29
v5.15.3
v5.15.30
v5.15.31
v5.15.32
v5.15.33
v5.15.34
v5.15.35
v5.15.36
v5.15.37
v5.15.38
v5.15.39
v5.15.4
v5.15.40
v5.15.41
v5.15.42
v5.15.43
v5.15.44
v5.15.45
v5.15.46
v5.15.47
v5.15.48
v5.15.49
v5.15.5
v5.15.50
v5.15.51
v5.15.52
v5.15.53
v5.15.54
v5.15.55
v5.15.56
v5.15.57
v5.15.58
v5.15.59
v5.15.6
v5.15.60
v5.15.61
v5.15.62
v5.15.63
v5.15.64
v5.15.65
v5.15.66
v5.15.67
v5.15.68
v5.15.69
v5.15.7
v5.15.70
v5.15.71
v5.15.72
v5.15.73
v5.15.74
v5.15.75
v5.15.76
v5.15.77
v5.15.78
v5.15.79
v5.15.8
v5.15.80
v5.15.81
v5.15.82
v5.15.83
v5.15.84
v5.15.85
v5.15.86
v5.15.87
v5.15.88
v5.15.89
v5.15.9
v5.15.90
v5.16
v5.16-rc1
v5.16-rc2
v5.16-rc3
v5.16-rc4
v5.16-rc5
v5.16-rc6
v5.16-rc7
v5.16-rc8
v5.17
v5.17-rc1
v5.17-rc2
v5.17-rc3
v5.17-rc4
v5.17-rc5
v5.17-rc6
v5.17-rc7
v5.17-rc8
v5.18
v5.18-rc1
v5.18-rc2
v5.18-rc3
v5.18-rc4
v5.18-rc5
v5.18-rc6
v5.18-rc7
v5.19
v5.19-rc1
v5.19-rc2
v5.19-rc3
v5.19-rc4
v5.19-rc5
v5.19-rc6
v5.19-rc7
v5.19-rc8
v6.*
v6.0
v6.0-rc1
v6.0-rc2
v6.0-rc3
v6.0-rc4
v6.0-rc5
v6.0-rc6
v6.0-rc7
v6.1
v6.1-rc1
v6.1-rc2
v6.1-rc3
v6.1-rc4
v6.1-rc5
v6.1-rc6
v6.1-rc7
v6.1-rc8
v6.1.1
v6.1.2
v6.1.3
v6.1.4
v6.1.5
v6.1.6
v6.1.7
v6.1.8
v6.2-rc1
v6.2-rc2
v6.2-rc3
Database specific
vanir_signatures
[
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@39af728649b05e88a2b40e714feeee6451c3f18e",
"id": "CVE-2022-49752-05525d5a",
"deprecated": false,
"signature_version": "v1",
"target": {
"function": "fwnode_graph_get_next_endpoint",
"file": "drivers/base/property.c"
},
"digest": {
"length": 320.0,
"function_hash": "135124960485736431552469214138199572973"
},
"signature_type": "Function"
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@7701a4bd45c11f9a289d8f262fad05705a012339",
"id": "CVE-2022-49752-3c5c8845",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "drivers/base/property.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"221722305650371545102411106516168137632",
"200058005059641185937811186853305507168",
"317561618514708693934575096683747635273",
"216581851001671674849693318111556106568",
"307406456530364116710427214828427010346",
"99685918626805296711245714801745924396",
"53307014099742419537961810159124314586",
"49121217603048320807418785227788228228",
"172747313638221264664721460009285406199",
"38293448599533872764437481283874618004",
"133176732087451737243065207271219419054",
"177003864800278779492142828326736300046",
"237689942614978729063874386472989817702",
"333013616838004224783200530070681433998",
"52617627675550007398620270147941383237",
"313059140712762455563614716342918775849"
]
},
"signature_type": "Line"
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e75485fc589ec729cc182aa9b41dfb6c15ae6f6e",
"id": "CVE-2022-49752-60a0c48b",
"deprecated": false,
"signature_version": "v1",
"target": {
"function": "fwnode_graph_get_next_endpoint",
"file": "drivers/base/property.c"
},
"digest": {
"length": 320.0,
"function_hash": "135124960485736431552469214138199572973"
},
"signature_type": "Function"
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e75485fc589ec729cc182aa9b41dfb6c15ae6f6e",
"id": "CVE-2022-49752-bc89f720",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "drivers/base/property.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"221722305650371545102411106516168137632",
"200058005059641185937811186853305507168",
"317561618514708693934575096683747635273",
"216581851001671674849693318111556106568",
"307406456530364116710427214828427010346",
"99685918626805296711245714801745924396",
"53307014099742419537961810159124314586",
"49121217603048320807418785227788228228",
"172747313638221264664721460009285406199",
"38293448599533872764437481283874618004",
"133176732087451737243065207271219419054",
"177003864800278779492142828326736300046",
"237689942614978729063874386472989817702",
"333013616838004224783200530070681433998",
"52617627675550007398620270147941383237",
"313059140712762455563614716342918775849"
]
},
"signature_type": "Line"
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@39af728649b05e88a2b40e714feeee6451c3f18e",
"id": "CVE-2022-49752-be464194",
"deprecated": false,
"signature_version": "v1",
"target": {
"file": "drivers/base/property.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"221722305650371545102411106516168137632",
"200058005059641185937811186853305507168",
"317561618514708693934575096683747635273",
"216581851001671674849693318111556106568",
"307406456530364116710427214828427010346",
"99685918626805296711245714801745924396",
"53307014099742419537961810159124314586",
"49121217603048320807418785227788228228",
"172747313638221264664721460009285406199",
"38293448599533872764437481283874618004",
"133176732087451737243065207271219419054",
"177003864800278779492142828326736300046",
"237689942614978729063874386472989817702",
"333013616838004224783200530070681433998",
"52617627675550007398620270147941383237",
"313059140712762455563614716342918775849"
]
},
"signature_type": "Line"
},
{
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@7701a4bd45c11f9a289d8f262fad05705a012339",
"id": "CVE-2022-49752-cfdc50c8",
"deprecated": false,
"signature_version": "v1",
"target": {
"function": "fwnode_graph_get_next_endpoint",
"file": "drivers/base/property.c"
},
"digest": {
"length": 320.0,
"function_hash": "135124960485736431552469214138199572973"
},
"signature_type": "Function"
}
]