CVE-2022-49354

low-risk

Published 2025-02-26

In the Linux kernel, the following vulnerability has been resolved: ata: pata_octeon_cf: Fix refcount leak in octeon_cf_probe of_find_device_by_node() takes reference, we should use put_device() to release it when not need anymore. Add missing put_device() to avoid refcount leak.

Do I need to act?

0.06% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 5.5/10 Medium

LOCAL / LOW complexity

Affected Products (2)

Linux Kernel

Affected Vendors

Linux

References (9)

Patch https://git.kernel.org/stable/c/10d6bdf532902be1d8aa5900b3c03c5671612aa2

Patch https://git.kernel.org/stable/c/19cb3ece14547cb1ca2021798aaf49a3f82643d1

Patch https://git.kernel.org/stable/c/7bd85c5ba1687daf54e3b6907673c3604b1e75cf

Patch https://git.kernel.org/stable/c/888312dc297a8a103f6371ef668c7e04f57a7679

Patch https://git.kernel.org/stable/c/8d8ad067b90f231b8fdb14acee673ca4012f6045

Patch https://git.kernel.org/stable/c/a4d3e5f1d7d4f8b5e3834fec0f057a762c55806b

Patch https://git.kernel.org/stable/c/c9782e1b21bee4b783a64b2a91e7e71406c21a21

Patch https://git.kernel.org/stable/c/d5a1e7f33c88780b279835d63665d7e38ccb671f

Patch https://git.kernel.org/stable/c/fb2cb409b504bb3a69e65a17f3120328c8e50219

/ 100

low-risk

Severity 18/34 · Moderate

Exploitability 0/34 · Minimal

Exposure 7/34 · Low