CVE-2022-50194

low-risk

Published 2025-06-18

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: aoss: Fix refcount leak in qmp_cooling_devices_register Every iteration of for_each_available_child_of_node() decrements the reference count of the previous node. When breaking early from a for_each_available_child_of_node() loop, we need to explicitly call of_node_put() on the child node. Add missing of_node_put() to avoid refcount leak.

Do I need to act?

0.02% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 5.5/10 Medium

LOCAL / LOW complexity

Affected Products (1)

Linux Kernel

Affected Vendors

Linux

References (6)

Patch https://git.kernel.org/stable/c/053543ac1d095132fcfd1263805d6e25afbdc6a8

Patch https://git.kernel.org/stable/c/591f0697ccbac33760d3bb1ad96a5ba2b76ae9f0

Patch https://git.kernel.org/stable/c/97713ed9b6cc4abaa2dcc8357113c56520dc6d7f

Patch https://git.kernel.org/stable/c/bc73c72a856c26df7410ddf15f42257cb4960fe9

Patch https://git.kernel.org/stable/c/ca83c61a6ccf3934cf8d01d5ade30a5034993a86

Patch https://git.kernel.org/stable/c/e6e0951414a314e7db3e9e24fd924b3e15515288

/ 100

low-risk

Severity 18/34 · Moderate

Exploitability 0/34 · Minimal

Exposure 5/34 · Minimal