| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025100704-CVE-2022-50520-9faa@gregkh> Date: Tue, 7 Oct 2025 17:19:07 +0200 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...nel.org> Subject: CVE-2022-50520: drm/radeon: Fix PCI device refcount leak in radeon_atrm_get_bios() From: Greg Kroah-Hartman <gregkh@...nel.org> Description =========== In the Linux kernel, the following vulnerability has been resolved: drm/radeon: Fix PCI device refcount leak in radeon_atrm_get_bios() As comment of pci_get_class() says, it returns a pci_device with its refcount increased and decreased the refcount for the input parameter @from if it is not NULL. If we break the loop in radeon_atrm_get_bios() with 'pdev' not NULL, we need to call pci_dev_put() to decrease the refcount. Add the missing pci_dev_put() to avoid refcount leak. The Linux kernel CVE team has assigned CVE-2022-50520 to this issue. Affected and fixed versions =========================== Issue introduced in 3.6 with commit c61e2775873f603148e8e998a938721b7d222d24 and fixed in 4.9.337 with commit 6f28c7f67af4ef9bca580ab67ae2d4511797af56 Issue introduced in 3.6 with commit c61e2775873f603148e8e998a938721b7d222d24 and fixed in 4.14.303 with commit e738f82e5b1311e8fb3d1409491a6fcce6418fbe Issue introduced in 3.6 with commit c61e2775873f603148e8e998a938721b7d222d24 and fixed in 4.19.270 with commit 1079df6acf56f99d86b0081a38c84701412cc90e Issue introduced in 3.6 with commit c61e2775873f603148e8e998a938721b7d222d24 and fixed in 5.4.229 with commit 470a77989037c3ab2b08bf2d026d2c0ddc35ff5b Issue introduced in 3.6 with commit c61e2775873f603148e8e998a938721b7d222d24 and fixed in 5.10.163 with commit 3991d98a8a07b71c02f3a39f77d6d9a7f575a5c4 Issue introduced in 3.6 with commit c61e2775873f603148e8e998a938721b7d222d24 and fixed in 5.15.86 with commit 88c6e0995c04b170563b5c894c50a3b2152e18c2 Issue introduced in 3.6 with commit c61e2775873f603148e8e998a938721b7d222d24 and fixed in 6.0.16 with commit b9decada8749b606fd8b4f04a3d6c74f7983d7bc Issue introduced in 3.6 with commit c61e2775873f603148e8e998a938721b7d222d24 and fixed in 6.1.2 with commit a6cffe54064a5f6c2162a85af3c16c6b453eac4e Issue introduced in 3.6 with commit c61e2775873f603148e8e998a938721b7d222d24 and fixed in 6.2 with commit 725a521a18734f65de05b8d353b5bd0d3ca4c37a Issue introduced in 3.2.29 with commit 61ebf0a926149cc161131470cf848cb70b3d6fe6 Issue introduced in 3.4.12 with commit 0a1d9a860832a5ca43114cdebf0e8650463cc1f0 Issue introduced in 3.5.5 with commit 5f54f145719f453dccc73304cd427096bf7b806c Issue introduced in 3.2.60 with commit 063ab9cb6308a0806d623c8d6dda5cb2b3b87fce Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2022-50520 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: drivers/gpu/drm/radeon/radeon_bios.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/6f28c7f67af4ef9bca580ab67ae2d4511797af56 https://git.kernel.org/stable/c/e738f82e5b1311e8fb3d1409491a6fcce6418fbe https://git.kernel.org/stable/c/1079df6acf56f99d86b0081a38c84701412cc90e https://git.kernel.org/stable/c/470a77989037c3ab2b08bf2d026d2c0ddc35ff5b https://git.kernel.org/stable/c/3991d98a8a07b71c02f3a39f77d6d9a7f575a5c4 https://git.kernel.org/stable/c/88c6e0995c04b170563b5c894c50a3b2152e18c2 https://git.kernel.org/stable/c/b9decada8749b606fd8b4f04a3d6c74f7983d7bc https://git.kernel.org/stable/c/a6cffe54064a5f6c2162a85af3c16c6b453eac4e https://git.kernel.org/stable/c/725a521a18734f65de05b8d353b5bd0d3ca4c37a
Powered by blists - more mailing lists