Description

In the Linux kernel, the following vulnerability has been resolved: net: mdio: fix unbalanced fwnode reference count in mdio_device_release() There is warning report about of_node refcount leak while probing mdio device: OF: ERROR: memory leak, expected refcount 1 instead of 2, of_node_get()/of_node_put() unbalanced - destroy cset entry: attach overlay node /spi/soc@0/mdio@710700c0/ethernet@4 In of_mdiobus_register_device(), we increase fwnode refcount by fwnode_handle_get() before associating the of_node with mdio device, but it has never been decreased in normal path. Since that, in mdio_device_release(), it needs to call fwnode_handle_put() in addition instead of calling kfree() directly. After above, just calling mdio_device_free() in the error handle path of of_mdiobus_register_device() is enough to keep the refcount balanced.

INFO

Published Date :

2024-10-21T20:05:45.849Z

Last Modified :

2025-05-04T08:26:59.413Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2022-48961 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2022-48961.

URL Resource
https://git.kernel.org/stable/c/16854177745a5648f8ec322353b432e18460f43a cve-icon cve-icon
https://git.kernel.org/stable/c/a5c6de1a6656b8cc6bce7cb3d9874dd7df4968c3 cve-icon cve-icon
https://git.kernel.org/stable/c/cb37617687f2bfa5b675df7779f869147c9002bd cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2024102143-CVE-2022-48961-d44b@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2022-48961 cve-icon
https://www.cve.org/CVERecord?id=CVE-2022-48961 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact