5.5

CVE-2022-49346

net: dsa: lantiq_gswip: Fix refcount leak in gswip_gphy_fw_list

In the Linux kernel, the following vulnerability has been resolved:

net: dsa: lantiq_gswip: Fix refcount leak in gswip_gphy_fw_list

Every iteration of for_each_available_child_of_node() decrements
the reference count of the previous node.
when breaking early from a for_each_available_child_of_node() loop,
we need to explicitly call of_node_put() on the gphy_fw_np.
Add missing of_node_put() to avoid refcount leak.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 4.20 < 5.4.198
LinuxLinux Kernel Version >= 5.5 < 5.10.122
LinuxLinux Kernel Version >= 5.11 < 5.15.47
LinuxLinux Kernel Version >= 5.16 < 5.17.15
LinuxLinux Kernel Version >= 5.18 < 5.18.4
LinuxLinux Kernel Version5.19 Updaterc1
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.25% 0.166
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://git.kernel.org/stable/c/0737e018a05e2aa352828c52bdeed3b02cff2930
Patch
https://git.kernel.org/stable/c/2e007ac6fa7c9c94ad84da075c5c504afad690a0
Patch
https://git.kernel.org/stable/c/32cd78c5610f02a929f63cac985e73692d05f33e
Patch
https://git.kernel.org/stable/c/54d6802c4d83fa8de7696cfec06f475d5fd92d27
Patch
https://git.kernel.org/stable/c/7c8df6fad43d9d5d77f281f794b2a93cd02fd1a9
Patch
https://git.kernel.org/stable/c/c2ae49a113a5344232f1ebb93bcf18bbd11e9c39
Patch