FKIE_CVE-2022-50158
Vulnerability from fkie_nvd - Published: 2025-06-18 11:15 - Updated: 2026-06-17 05:22
Severity
Summary
In the Linux kernel, the following vulnerability has been resolved:
mtd: partitions: Fix refcount leak in parse_redboot_of
of_get_child_by_name() returns a node pointer with refcount
incremented, we should use of_node_put() on it when not need anymore.
Add missing of_node_put() to avoid refcount leak.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | * |
{
"affected": [
{
"affectedData": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/mtd/parsers/redboot.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "f3cc27198c5d78cdda60a55ae749f815cd1fe5eb",
"status": "affected",
"version": "6490ed7c4684caf9851a0b98e0ab17a8d693dada",
"versionType": "git"
},
{
"lessThan": "55d0f7da66dec93c4d53d0886a1555618079a900",
"status": "affected",
"version": "2f8824f556a3ebea9840c53326e55cc183316611",
"versionType": "git"
},
{
"lessThan": "8ea607579d300b2f7fc997f3dd20949114565fcd",
"status": "affected",
"version": "237960880960863fb41888763d635b384cffb104",
"versionType": "git"
},
{
"lessThan": "7ec48ac18d8f9e002ce9bfbad32741086739e499",
"status": "affected",
"version": "237960880960863fb41888763d635b384cffb104",
"versionType": "git"
},
{
"lessThan": "e24af43d0cbe9f6aaa413c15ccce50bbbfd61e0e",
"status": "affected",
"version": "237960880960863fb41888763d635b384cffb104",
"versionType": "git"
},
{
"lessThan": "9f7e62815cf3cbbcb1b8cb21649fb4dfdb3aa016",
"status": "affected",
"version": "237960880960863fb41888763d635b384cffb104",
"versionType": "git"
},
{
"status": "affected",
"version": "fa132c7ea108eacc67357ffe3172d3e68fcd71a2",
"versionType": "git"
},
{
"status": "affected",
"version": "d5023eb76f0dc651558b0c7ba04565891ff18435",
"versionType": "git"
},
{
"lessThan": "5.4.211",
"status": "affected",
"version": "5.4.132",
"versionType": "semver"
},
{
"lessThan": "5.10.137",
"status": "affected",
"version": "5.10.50",
"versionType": "semver"
},
{
"lessThan": "5.13",
"status": "affected",
"version": "5.12.17",
"versionType": "semver"
},
{
"lessThan": "5.14",
"status": "affected",
"version": "5.13.2",
"versionType": "semver"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/mtd/parsers/redboot.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.14"
},
{
"lessThan": "5.14",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.211",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.137",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.61",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.18.*",
"status": "unaffected",
"version": "5.18.18",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.19.*",
"status": "unaffected",
"version": "5.19.2",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.0",
"versionType": "original_commit_for_fix"
}
]
}
],
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
],
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6A8F272D-26DC-40F8-B558-45A8EA5AB5BA",
"versionEndExcluding": "5.4.211",
"versionStartIncluding": "5.4.132",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CFB85EBC-F3AF-425F-8D42-981B2F776CD5",
"versionEndExcluding": "5.10.137",
"versionStartIncluding": "5.10.50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CDB1D52E-21AB-4ECE-9119-6594F8FF3B3A",
"versionEndExcluding": "5.13",
"versionStartIncluding": "5.12.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C6935A66-8326-4D16-8E57-0D3E9F8908DD",
"versionEndExcluding": "5.15.61",
"versionStartIncluding": "5.13.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5B42E453-8837-49D0-A5EF-03F818A6DC11",
"versionEndExcluding": "5.18.18",
"versionStartIncluding": "5.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A1A2A5A5-4598-4D7E-BA07-4660398D6C8F",
"versionEndExcluding": "5.19.2",
"versionStartIncluding": "5.19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmtd: partitions: Fix refcount leak in parse_redboot_of\n\nof_get_child_by_name() returns a node pointer with refcount\nincremented, we should use of_node_put() on it when not need anymore.\nAdd missing of_node_put() to avoid refcount leak."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: mtd: particiones: Se corrige la fuga de recuento de referencias en parse_redboot_of. of_get_child_by_name() devuelve un puntero de nodo con el recuento de referencias incrementado. Debemos usar of_node_put() cuando ya no sea necesario. Se ha a\u00f1adido la funci\u00f3n of_node_put() que falta para evitar la fuga de recuento de referencias."
}
],
"id": "CVE-2022-50158",
"lastModified": "2026-06-17T05:22:52.633",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-06-18T11:15:45.977",
"references": [
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/55d0f7da66dec93c4d53d0886a1555618079a900"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/7ec48ac18d8f9e002ce9bfbad32741086739e499"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/8ea607579d300b2f7fc997f3dd20949114565fcd"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/9f7e62815cf3cbbcb1b8cb21649fb4dfdb3aa016"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/e24af43d0cbe9f6aaa413c15ccce50bbbfd61e0e"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/f3cc27198c5d78cdda60a55ae749f815cd1fe5eb"
}
],
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…