| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025061839-CVE-2022-50199-582d@gregkh> Date: Wed, 18 Jun 2025 13:04:24 +0200 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...nel.org> Subject: CVE-2022-50199: ARM: OMAP2+: Fix refcount leak in omapdss_init_of From: Greg Kroah-Hartman <gregkh@...nel.org> Description =========== In the Linux kernel, the following vulnerability has been resolved: ARM: OMAP2+: Fix refcount leak in omapdss_init_of omapdss_find_dss_of_node() calls of_find_compatible_node() to get device node. of_find_compatible_node() returns a node pointer with refcount incremented, we should use of_node_put() on it when done. Add missing of_node_put() in later error path and normal path. The Linux kernel CVE team has assigned CVE-2022-50199 to this issue. Affected and fixed versions =========================== Issue introduced in 4.20 with commit e0c827aca0730b51f38081aa4e8ecf0912aab55f and fixed in 5.4.211 with commit 935035cf97c8cd6794044b500fb0a44a6d30ffa1 Issue introduced in 4.20 with commit e0c827aca0730b51f38081aa4e8ecf0912aab55f and fixed in 5.10.137 with commit 14bac0c7035bf920e190a63c7e1b113c72eadbf4 Issue introduced in 4.20 with commit e0c827aca0730b51f38081aa4e8ecf0912aab55f and fixed in 5.15.61 with commit 230ad40a59c9a9ee8f3822b9a7bec09404102ebc Issue introduced in 4.20 with commit e0c827aca0730b51f38081aa4e8ecf0912aab55f and fixed in 5.18.18 with commit a32dc6829e33c54e751346aa3e08ddb6d0e1a6a0 Issue introduced in 4.20 with commit e0c827aca0730b51f38081aa4e8ecf0912aab55f and fixed in 5.19.2 with commit 507159facf002d113c4878fec67f37d62f187887 Issue introduced in 4.20 with commit e0c827aca0730b51f38081aa4e8ecf0912aab55f and fixed in 6.0 with commit 9705db1eff38d6b9114121f9e253746199b759c9 Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2022-50199 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: arch/arm/mach-omap2/display.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/935035cf97c8cd6794044b500fb0a44a6d30ffa1 https://git.kernel.org/stable/c/14bac0c7035bf920e190a63c7e1b113c72eadbf4 https://git.kernel.org/stable/c/230ad40a59c9a9ee8f3822b9a7bec09404102ebc https://git.kernel.org/stable/c/a32dc6829e33c54e751346aa3e08ddb6d0e1a6a0 https://git.kernel.org/stable/c/507159facf002d113c4878fec67f37d62f187887 https://git.kernel.org/stable/c/9705db1eff38d6b9114121f9e253746199b759c9
Powered by blists - more mailing lists