CVE-2022-50457

EPSS 0.02%
Veröffentlicht 01.10.2025 12:15:38
Zuletzt bearbeitet 02.10.2025 19:12:17
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
Teams Watchlist Login
Unerledigt Login

In the Linux kernel, the following vulnerability has been resolved:

mtd: core: Fix refcount error in del_mtd_device()

del_mtd_device() will call of_node_put() to mtd_get_of_node(mtd), which
is mtd->dev.of_node. However, memset(&mtd->dev, 0) is called before
of_node_put(). As the result, of_node_put() won't do anything in
del_mtd_device(), and causes the refcount leak.

del_mtd_device()
    memset(&mtd->dev, 0, sizeof(mtd->dev) # clear mtd->dev
    of_node_put()
        mtd_get_of_node(mtd) # mtd->dev is cleared, can't locate of_node
                             # of_node_put(NULL) won't do anything

Fix the error by caching the pointer of the device_node.

OF: ERROR: memory leak, expected refcount 1 instead of 2,
of_node_get()/of_node_put() unbalanced - destroy cset entry: attach
overlay node /spi/spi-sram@0
CPU: 3 PID: 275 Comm: python3 Tainted: G N 6.1.0-rc3+ #54
    0d8a1edddf51f172ff5226989a7565c6313b08e2
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS
rel-1.15.0-0-g2dd4b9b3f840-prebuilt.qemu.org 04/01/2014
Call Trace:
<TASK>
    dump_stack_lvl+0x67/0x83
    kobject_get+0x155/0x160
    of_node_get+0x1f/0x30
    of_fwnode_get+0x43/0x70
    fwnode_handle_get+0x54/0x80
    fwnode_get_nth_parent+0xc9/0xe0
    fwnode_full_name_string+0x3f/0xa0
    device_node_string+0x30f/0x750
    pointer+0x598/0x7a0
    vsnprintf+0x62d/0x9b0
    ...
    cfs_overlay_release+0x30/0x90
    config_item_release+0xbe/0x1a0
    config_item_put+0x5e/0x80
    configfs_rmdir+0x3bd/0x540
    vfs_rmdir+0x18c/0x320
    do_rmdir+0x198/0x330
    __x64_sys_rmdir+0x2c/0x40
    do_syscall_64+0x37/0x90
    entry_SYSCALL_64_after_hwframe+0x63/0xcd

[<miquel.raynal@bootlin.com>: Light reword of the commit log]

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 6

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < f6016557f1ef7735963bd8691592d2797bbf91d2

Version 00596576a05145a1b5672897a82ef87af00becf4

Status affected

Version < 616dc895d982026f41f500c88d1bfea004938cc8

Version 00596576a05145a1b5672897a82ef87af00becf4

Status affected

Version < 56570bdad5e31c5c538cd6efff5c4510256e1bb4

Version 00596576a05145a1b5672897a82ef87af00becf4

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 5.17

Status affected

Version < 5.17

Version 0

Status unaffected

Version <= 6.0.*

Version 6.0.16

Status unaffected

Version <= 6.1.*

Version 6.1.2

Status unaffected

Version <= *

Version 6.2

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.02%	0.044

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

https://git.kernel.org/stable/c/56570bdad5e31c5c538cd6efff5c4510256e1bb4

https://git.kernel.org/stable/c/616dc895d982026f41f500c88d1bfea004938cc8

https://git.kernel.org/stable/c/f6016557f1ef7735963bd8691592d2797bbf91d2

https://nvd.nist.gov/vuln/detail/CVE-2022-50457

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-50457

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-50457

EUVD