CVE-2022-50109

low-risk

Published 2025-06-18

In the Linux kernel, the following vulnerability has been resolved: video: fbdev: amba-clcd: Fix refcount leak bugs In clcdfb_of_init_display(), we should call of_node_put() for the references returned by of_graph_get_next_endpoint() and of_graph_get_remote_port_parent() which have increased the refcount. Besides, we should call of_node_put() both in fail path or when the references are not used anymore.

Do I need to act?

0.02% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 5.5/10 Medium

LOCAL / LOW complexity

Affected Products (1)

Linux Kernel

Affected Vendors

Linux

References (8)

Patch https://git.kernel.org/stable/c/2688df86c02da6bdc9866b62d974e169a2678883

Patch https://git.kernel.org/stable/c/26c2b7d9fac42eb8317f3ceefa4c1a9a9170ca69

Patch https://git.kernel.org/stable/c/29f06f1905c312671a09ee85ca92ac04a1d9f305

Patch https://git.kernel.org/stable/c/49a4c1a87ef884e43cdda58b142a2a30f2f09efc

Patch https://git.kernel.org/stable/c/a51519ebd0fdad3546463018b8f6bc3b0f4d3032

Patch https://git.kernel.org/stable/c/a88ab277cca99aeb9a3b2b7db358f1a6dd528b0c

Patch https://git.kernel.org/stable/c/a97ff8a949dbf41be89f436b2b1a2b3d794493df

Patch https://git.kernel.org/stable/c/da276dc288bf838ea0fd778b5441ec0f601c69f7

/ 100

low-risk

Severity 18/34 · Moderate

Exploitability 0/34 · Minimal

Exposure 5/34 · Minimal