| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025091559-CVE-2022-50309-f82b@gregkh> Date: Mon, 15 Sep 2025 16:46:11 +0200 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...nel.org> Subject: CVE-2022-50309: media: xilinx: vipp: Fix refcount leak in xvip_graph_dma_init From: Greg Kroah-Hartman <gregkh@...nel.org> Description =========== In the Linux kernel, the following vulnerability has been resolved: media: xilinx: vipp: Fix refcount leak in xvip_graph_dma_init of_get_child_by_name() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of_node_put() to avoid refcount leak. The Linux kernel CVE team has assigned CVE-2022-50309 to this issue. Affected and fixed versions =========================== Issue introduced in 4.1 with commit df3305156f989339529b3d6744b898d498fb1f7b and fixed in 4.9.331 with commit 7b0efe7534071e0153708886355d80db69525d50 Issue introduced in 4.1 with commit df3305156f989339529b3d6744b898d498fb1f7b and fixed in 4.14.296 with commit 6e7b3b1e4e9f739800cd8010b75a9bee8d808cee Issue introduced in 4.1 with commit df3305156f989339529b3d6744b898d498fb1f7b and fixed in 4.19.262 with commit 3c38467c3255c428cdbd3cefaccca4662f302dc9 Issue introduced in 4.1 with commit df3305156f989339529b3d6744b898d498fb1f7b and fixed in 5.4.220 with commit 59b315353252abe7b8fdb8651ca31b8484ce287a Issue introduced in 4.1 with commit df3305156f989339529b3d6744b898d498fb1f7b and fixed in 5.10.150 with commit 2630cc88327a5557aa0d9cc63be95e3c6e0a55b3 Issue introduced in 4.1 with commit df3305156f989339529b3d6744b898d498fb1f7b and fixed in 5.15.75 with commit 2ea7caa9684687cf3adc1467cf4af3653a776192 Issue introduced in 4.1 with commit df3305156f989339529b3d6744b898d498fb1f7b and fixed in 5.19.17 with commit 22b93530bbe6af9dce8e520bb6e978d1bda39d2b Issue introduced in 4.1 with commit df3305156f989339529b3d6744b898d498fb1f7b and fixed in 6.0.3 with commit 3336210948b22c2db43e9df2ea403d251b4d24ab Issue introduced in 4.1 with commit df3305156f989339529b3d6744b898d498fb1f7b and fixed in 6.1 with commit 1c78f19c3a0ea312a8178a6bfd8934eb93e9b10a Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2022-50309 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: drivers/media/platform/xilinx/xilinx-vipp.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/7b0efe7534071e0153708886355d80db69525d50 https://git.kernel.org/stable/c/6e7b3b1e4e9f739800cd8010b75a9bee8d808cee https://git.kernel.org/stable/c/3c38467c3255c428cdbd3cefaccca4662f302dc9 https://git.kernel.org/stable/c/59b315353252abe7b8fdb8651ca31b8484ce287a https://git.kernel.org/stable/c/2630cc88327a5557aa0d9cc63be95e3c6e0a55b3 https://git.kernel.org/stable/c/2ea7caa9684687cf3adc1467cf4af3653a776192 https://git.kernel.org/stable/c/22b93530bbe6af9dce8e520bb6e978d1bda39d2b https://git.kernel.org/stable/c/3336210948b22c2db43e9df2ea403d251b4d24ab https://git.kernel.org/stable/c/1c78f19c3a0ea312a8178a6bfd8934eb93e9b10a
Powered by blists - more mailing lists