| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025061849-CVE-2022-50061-a258@gregkh> Date: Wed, 18 Jun 2025 13:02:06 +0200 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...nel.org> Subject: CVE-2022-50061: pinctrl: nomadik: Fix refcount leak in nmk_pinctrl_dt_subnode_to_map From: Greg Kroah-Hartman <gregkh@...nel.org> Description =========== In the Linux kernel, the following vulnerability has been resolved: pinctrl: nomadik: Fix refcount leak in nmk_pinctrl_dt_subnode_to_map of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of_node_put() to avoid refcount leak." The Linux kernel CVE team has assigned CVE-2022-50061 to this issue. Affected and fixed versions =========================== Issue introduced in 3.18 with commit c2f6d059abfc29822af732e4da70813a5b6fd9cd and fixed in 4.9.326 with commit 81abaab5a4b815c0ed9f4d2c9745777ac5cc395b Issue introduced in 3.18 with commit c2f6d059abfc29822af732e4da70813a5b6fd9cd and fixed in 4.14.291 with commit c35f89a9021fa947ecede0584ae509368a52ec5a Issue introduced in 3.18 with commit c2f6d059abfc29822af732e4da70813a5b6fd9cd and fixed in 4.19.256 with commit f498542bc703bf1e5c6a1610e1ea493a437f0196 Issue introduced in 3.18 with commit c2f6d059abfc29822af732e4da70813a5b6fd9cd and fixed in 5.4.211 with commit c26012a1e61c7bbd1b393d3bbae8dffdb6df65bb Issue introduced in 3.18 with commit c2f6d059abfc29822af732e4da70813a5b6fd9cd and fixed in 5.10.138 with commit 78d05103891d3e96144b846fbc39f2cfb3384eae Issue introduced in 3.18 with commit c2f6d059abfc29822af732e4da70813a5b6fd9cd and fixed in 5.15.63 with commit 9272265f2f76629e1a67e6d49b3a4461b3da1a73 Issue introduced in 3.18 with commit c2f6d059abfc29822af732e4da70813a5b6fd9cd and fixed in 5.19.4 with commit 587ac8ac00a1a9f4572785229d9441870fd7b187 Issue introduced in 3.18 with commit c2f6d059abfc29822af732e4da70813a5b6fd9cd and fixed in 6.0 with commit 4b32e054335ea0ce50967f63a7bfd4db058b14b9 Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2022-50061 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: drivers/pinctrl/nomadik/pinctrl-nomadik.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/81abaab5a4b815c0ed9f4d2c9745777ac5cc395b https://git.kernel.org/stable/c/c35f89a9021fa947ecede0584ae509368a52ec5a https://git.kernel.org/stable/c/f498542bc703bf1e5c6a1610e1ea493a437f0196 https://git.kernel.org/stable/c/c26012a1e61c7bbd1b393d3bbae8dffdb6df65bb https://git.kernel.org/stable/c/78d05103891d3e96144b846fbc39f2cfb3384eae https://git.kernel.org/stable/c/9272265f2f76629e1a67e6d49b3a4461b3da1a73 https://git.kernel.org/stable/c/587ac8ac00a1a9f4572785229d9441870fd7b187 https://git.kernel.org/stable/c/4b32e054335ea0ce50967f63a7bfd4db058b14b9
Powered by blists - more mailing lists