| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025100102-CVE-2022-50443-c1d5@gregkh> Date: Wed, 1 Oct 2025 13:42:16 +0200 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...nel.org> Subject: CVE-2022-50443: drm/rockchip: lvds: fix PM usage counter unbalance in poweron From: Greg Kroah-Hartman <gregkh@...nel.org> Description =========== In the Linux kernel, the following vulnerability has been resolved: drm/rockchip: lvds: fix PM usage counter unbalance in poweron pm_runtime_get_sync will increment pm usage counter even it failed. Forgetting to putting operation will result in reference leak here. We fix it by replacing it with the newest pm_runtime_resume_and_get to keep usage counter balanced. The Linux kernel CVE team has assigned CVE-2022-50443 to this issue. Affected and fixed versions =========================== Issue introduced in 4.15 with commit 34cc0aa2545603560c79aaea3340d8ff3a71bd10 and fixed in 5.10.163 with commit 110bf15825edf4f20bc4e56aba624297861b06ab Issue introduced in 4.15 with commit 34cc0aa2545603560c79aaea3340d8ff3a71bd10 and fixed in 5.15.86 with commit f6ed73db390319b248b91a6325da1a48ad85e0d1 Issue introduced in 4.15 with commit 34cc0aa2545603560c79aaea3340d8ff3a71bd10 and fixed in 6.0.16 with commit 589a911980b730feadb9c430bc0747a118b04dd8 Issue introduced in 4.15 with commit 34cc0aa2545603560c79aaea3340d8ff3a71bd10 and fixed in 6.1.2 with commit 12a9b4c4ebd9a0ba856370e088564af83cffd565 Issue introduced in 4.15 with commit 34cc0aa2545603560c79aaea3340d8ff3a71bd10 and fixed in 6.2 with commit 4dba27f1a14592ac4cf71c3bc1cc1fd05dea8015 Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2022-50443 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: drivers/gpu/drm/rockchip/rockchip_lvds.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/110bf15825edf4f20bc4e56aba624297861b06ab https://git.kernel.org/stable/c/f6ed73db390319b248b91a6325da1a48ad85e0d1 https://git.kernel.org/stable/c/589a911980b730feadb9c430bc0747a118b04dd8 https://git.kernel.org/stable/c/12a9b4c4ebd9a0ba856370e088564af83cffd565 https://git.kernel.org/stable/c/4dba27f1a14592ac4cf71c3bc1cc1fd05dea8015
Powered by blists - more mailing lists