CVE-2022-49462

low-risk

Published 2025-02-26

In the Linux kernel, the following vulnerability has been resolved: drm/msm/a6xx: Fix refcount leak in a6xx_gpu_init of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. a6xx_gmu_init() passes the node to of_find_device_by_node() and of_dma_configure(), of_find_device_by_node() will takes its reference, of_dma_configure() doesn't need the node after usage. Add missing of_node_put() to avoid refcount leak.

Do I need to act?

0.05% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 5.5/10 Medium

LOCAL / LOW complexity

Affected Products (1)

Linux Kernel

Affected Vendors

Linux

References (6)

Patch https://git.kernel.org/stable/c/06907a374f1b74f8f2fb30720dc6df81331e4fb5

Patch https://git.kernel.org/stable/c/48e82ce8cdb19c20a5020fa446b286d6a147450c

Patch https://git.kernel.org/stable/c/65ddbc0d26824e2a5d6154d01d8cf39344900213

Patch https://git.kernel.org/stable/c/6832e36f156ea35a6ed74bca72727806116effdd

Patch https://git.kernel.org/stable/c/c56de483093d7ad0782327f95dda7da97bc4c315

Patch https://git.kernel.org/stable/c/edff4c1af831d0c02e654eed9da7d74174de49d5

/ 100

low-risk

Severity 18/34 · Moderate

Exploitability 0/34 · Minimal

Exposure 5/34 · Minimal