CVE-2022-48656

2024-04-2813:15:07

Debian Security Bug Tracker

security-tracker.debian.org

linux kernel

vulnerability

resolved

dmaengine

k3-udma-private

refcount leak

bug

of_xudma_dev_get

of_node_put

of_parse_phandle

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

Confidence

Low

EPSS

Percentile

15.5%

JSON

In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: k3-udma-private: Fix refcount leak bug in of_xudma_dev_get() We should call of_node_put() for the reference returned by of_parse_phandle() in fail path or when it is not used anymore. Here we only need to move the of_node_put() before the check.

OSVersionArchitecturePackageVersionFilename
Debian12alllinux< 6.0.2-1linux_6.0.2-1_all.deb
Debian11alllinux< 5.10.148-1linux_5.10.148-1_all.deb
Debian999alllinux< 6.0.2-1linux_6.0.2-1_all.deb
Debian13alllinux< 6.0.2-1linux_6.0.2-1_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	12	all	linux	< 6.0.2-1	linux_6.0.2-1_all.deb
Debian	11	all	linux	< 5.10.148-1	linux_5.10.148-1_all.deb
Debian	999	all	linux	< 6.0.2-1	linux_6.0.2-1_all.deb
Debian	13	all	linux	< 6.0.2-1	linux_6.0.2-1_all.deb