CVE-2022-49396

low-risk

Published 2025-02-26

In the Linux kernel, the following vulnerability has been resolved: phy: qcom-qmp: fix reset-controller leak on probe errors Make sure to release the lane reset controller in case of a late probe error (e.g. probe deferral). Note that due to the reset controller being defined in devicetree in "lane" child nodes, devm_reset_control_get_exclusive() cannot be used directly.

Do I need to act?

0.04% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 5.5/10 Medium

LOCAL / LOW complexity

Affected Products (1)

Linux Kernel

Affected Vendors

Linux

References (8)

Patch https://git.kernel.org/stable/c/2156dc390402043ba5982489c6625adcb0b0975c

Patch https://git.kernel.org/stable/c/4d2900f20edfe541f75756a00deeb2ffe7c66bc1

Patch https://git.kernel.org/stable/c/7ac21b24af859c097eb4034e93430056068f8f31

Patch https://git.kernel.org/stable/c/8c03eb0c8982677b4e17174073a011788891304d

Patch https://git.kernel.org/stable/c/a39d9eccb333b8c07c43ebea1c6dfda122378a0f

Patch https://git.kernel.org/stable/c/b7b5fbcaac5355e2e695dc0c08a0fcf248250388

Patch https://git.kernel.org/stable/c/ba173a6f8d8dffed64bb13ab23081bdddfb464f0

Patch https://git.kernel.org/stable/c/feb05b10b3ed3ae21b851520a0d0b71685439517

/ 100

low-risk

Severity 18/34 · Moderate

Exploitability 0/34 · Minimal

Exposure 5/34 · Minimal