CVE-2022-49185

low-risk

Published 2025-02-26

In the Linux kernel, the following vulnerability has been resolved: pinctrl: nomadik: Add missing of_node_put() in nmk_pinctrl_probe This node pointer is returned by of_parse_phandle() with refcount incremented in this function. Calling of_node_put() to avoid the refcount leak.

Do I need to act?

0.04% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 5.5/10 Medium

LOCAL / LOW complexity

Affected Products (1)

Linux Kernel

Affected Vendors

Linux

References (9)

Patch https://git.kernel.org/stable/c/0067ba448f1c29ca06e5aee00d8506889ed1f9d0

Patch https://git.kernel.org/stable/c/0356d4b64a03d23daf99a2a29d7d7d91d6ec2ea8

Patch https://git.kernel.org/stable/c/59250d547542f1c7765a78dc97ddfe5e6b0d2ab0

Patch https://git.kernel.org/stable/c/62580a40c9bef3d8a90629c64dda381344b35ffd

Patch https://git.kernel.org/stable/c/669b05ff43bd7ed684379c6e2006a6dad5127b71

Patch https://git.kernel.org/stable/c/9511c6018cd772668def8b034bc67269847e591a

Patch https://git.kernel.org/stable/c/bc1e29a35147c1ba6ea2b06a16cb0028f7c852d2

Patch https://git.kernel.org/stable/c/c09ac191b1f97cfa06f394dbfd7a5db07986cefc

Patch https://git.kernel.org/stable/c/c52703355766c347f270df222a744e0c491a02f2

/ 100

low-risk

Severity 18/34 · Moderate

Exploitability 0/34 · Minimal

Exposure 5/34 · Minimal