| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025061812-CVE-2022-50124-18c3@gregkh> Date: Wed, 18 Jun 2025 13:03:09 +0200 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...nel.org> Subject: CVE-2022-50124: ASoC: mt6797-mt6351: Fix refcount leak in mt6797_mt6351_dev_probe From: Greg Kroah-Hartman <gregkh@...nel.org> Description =========== In the Linux kernel, the following vulnerability has been resolved: ASoC: mt6797-mt6351: Fix refcount leak in mt6797_mt6351_dev_probe of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of_node_put() to avoid refcount leak. The Linux kernel CVE team has assigned CVE-2022-50124 to this issue. Affected and fixed versions =========================== Issue introduced in 4.18 with commit f0ab0bf250da5a115d5675a686117f21984f0760 and fixed in 4.19.256 with commit 1042353bb67cd1c9109d7481ea182c7794336458 Issue introduced in 4.18 with commit f0ab0bf250da5a115d5675a686117f21984f0760 and fixed in 5.4.211 with commit b488ceb2336905f071f80627bc8a7d657274e5de Issue introduced in 4.18 with commit f0ab0bf250da5a115d5675a686117f21984f0760 and fixed in 5.10.137 with commit a0381a9f3e595988e83bac4c4dd1e45ed2b3c744 Issue introduced in 4.18 with commit f0ab0bf250da5a115d5675a686117f21984f0760 and fixed in 5.15.61 with commit 7dee72b1bcecb26bfff8d6360f2169f8656dbaf6 Issue introduced in 4.18 with commit f0ab0bf250da5a115d5675a686117f21984f0760 and fixed in 5.18.18 with commit 67a28402a9e8c229c7588f214d81d52903ea06ea Issue introduced in 4.18 with commit f0ab0bf250da5a115d5675a686117f21984f0760 and fixed in 5.19.2 with commit 38dc6faef05f33b4c889be8b7d65878e465c1c4b Issue introduced in 4.18 with commit f0ab0bf250da5a115d5675a686117f21984f0760 and fixed in 6.0 with commit 7472eb8d7dd12b6b9b1a4f4527719cc9c7f5965f Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2022-50124 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: sound/soc/mediatek/mt6797/mt6797-mt6351.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/1042353bb67cd1c9109d7481ea182c7794336458 https://git.kernel.org/stable/c/b488ceb2336905f071f80627bc8a7d657274e5de https://git.kernel.org/stable/c/a0381a9f3e595988e83bac4c4dd1e45ed2b3c744 https://git.kernel.org/stable/c/7dee72b1bcecb26bfff8d6360f2169f8656dbaf6 https://git.kernel.org/stable/c/67a28402a9e8c229c7588f214d81d52903ea06ea https://git.kernel.org/stable/c/38dc6faef05f33b4c889be8b7d65878e465c1c4b https://git.kernel.org/stable/c/7472eb8d7dd12b6b9b1a4f4527719cc9c7f5965f
Powered by blists - more mailing lists