| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025022625-CVE-2022-49245-dcd4@gregkh> Date: Wed, 26 Feb 2025 02:57:30 +0100 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org> Subject: CVE-2022-49245: ASoC: rockchip: Fix PM usage reference of rockchip_i2s_tdm_resume Description =========== In the Linux kernel, the following vulnerability has been resolved: ASoC: rockchip: Fix PM usage reference of rockchip_i2s_tdm_resume pm_runtime_get_sync will increment pm usage counter even it failed. Forgetting to putting operation will result in reference leak here. We fix it by replacing it with pm_runtime_resume_and_get to keep usage counter balanced. The Linux kernel CVE team has assigned CVE-2022-49245 to this issue. Affected and fixed versions =========================== Issue introduced in 5.16 with commit 081068fd641403994f0505e6b91e021d3925f348 and fixed in 5.16.19 with commit 4e5510219111607b1f1875ab3c3f0485ba3c381c Issue introduced in 5.16 with commit 081068fd641403994f0505e6b91e021d3925f348 and fixed in 5.17.2 with commit 5c1834aac759ddfd0f17c9f38db1b30adc8eb4e8 Issue introduced in 5.16 with commit 081068fd641403994f0505e6b91e021d3925f348 and fixed in 5.18 with commit cc5d8ac95663a5813c696008bc524b794d471215 Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2022-49245 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: sound/soc/rockchip/rockchip_i2s_tdm.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/4e5510219111607b1f1875ab3c3f0485ba3c381c https://git.kernel.org/stable/c/5c1834aac759ddfd0f17c9f38db1b30adc8eb4e8 https://git.kernel.org/stable/c/cc5d8ac95663a5813c696008bc524b794d471215
Powered by blists - more mailing lists