| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025022641-CVE-2022-49346-4f13@gregkh> Date: Wed, 26 Feb 2025 03:10:20 +0100 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org> Subject: CVE-2022-49346: net: dsa: lantiq_gswip: Fix refcount leak in gswip_gphy_fw_list Description =========== In the Linux kernel, the following vulnerability has been resolved: net: dsa: lantiq_gswip: Fix refcount leak in gswip_gphy_fw_list Every iteration of for_each_available_child_of_node() decrements the reference count of the previous node. when breaking early from a for_each_available_child_of_node() loop, we need to explicitly call of_node_put() on the gphy_fw_np. Add missing of_node_put() to avoid refcount leak. The Linux kernel CVE team has assigned CVE-2022-49346 to this issue. Affected and fixed versions =========================== Issue introduced in 4.20 with commit 14fceff4771e51b23b4485b575cf9e5b3414b89b and fixed in 5.4.198 with commit 7c8df6fad43d9d5d77f281f794b2a93cd02fd1a9 Issue introduced in 4.20 with commit 14fceff4771e51b23b4485b575cf9e5b3414b89b and fixed in 5.10.122 with commit c2ae49a113a5344232f1ebb93bcf18bbd11e9c39 Issue introduced in 4.20 with commit 14fceff4771e51b23b4485b575cf9e5b3414b89b and fixed in 5.15.47 with commit 54d6802c4d83fa8de7696cfec06f475d5fd92d27 Issue introduced in 4.20 with commit 14fceff4771e51b23b4485b575cf9e5b3414b89b and fixed in 5.17.15 with commit 32cd78c5610f02a929f63cac985e73692d05f33e Issue introduced in 4.20 with commit 14fceff4771e51b23b4485b575cf9e5b3414b89b and fixed in 5.18.4 with commit 2e007ac6fa7c9c94ad84da075c5c504afad690a0 Issue introduced in 4.20 with commit 14fceff4771e51b23b4485b575cf9e5b3414b89b and fixed in 5.19 with commit 0737e018a05e2aa352828c52bdeed3b02cff2930 Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2022-49346 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: drivers/net/dsa/lantiq_gswip.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/7c8df6fad43d9d5d77f281f794b2a93cd02fd1a9 https://git.kernel.org/stable/c/c2ae49a113a5344232f1ebb93bcf18bbd11e9c39 https://git.kernel.org/stable/c/54d6802c4d83fa8de7696cfec06f475d5fd92d27 https://git.kernel.org/stable/c/32cd78c5610f02a929f63cac985e73692d05f33e https://git.kernel.org/stable/c/2e007ac6fa7c9c94ad84da075c5c504afad690a0 https://git.kernel.org/stable/c/0737e018a05e2aa352828c52bdeed3b02cff2930
Powered by blists - more mailing lists