CVE-2022-48859

Published: Jul 16, 2024Modified: Nov 21, 2024

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

In the Linux kernel, the following vulnerability has been resolved: net: marvell: prestera: Add missing of_node_put() in prestera_switch_set_base_mac_addr This node pointer is returned by of_find_compatible_node() with refcount incremented. Calling of_node_put() to aovid the refcount leak.

Affected (2)

Products: Linux: Linux Kernel

1 product

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	From 5.10 to 5.15.29
Linux Linux Kernel	From 5.16 to 5.16.15

Related CWEs

Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, which slowly consumes remaining memory.

References (6)

https://git.kernel.org/stable/c/4cc66bf17220ff9631f9fa99b02a872e0ad5a08b

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/b7c2fd1d126329340639adfb8dd2938fe4b65df7

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/c9ffa3e2bc451816ce0295e40063514fabf2bd36

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/4cc66bf17220ff9631f9fa99b02a872e0ad5a08b

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/b7c2fd1d126329340639adfb8dd2938fe4b65df7

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/c9ffa3e2bc451816ce0295e40063514fabf2bd36

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

Timeline

No history available yet.