CVE-2022-50429

low-risk

Published 2025-10-01

In the Linux kernel, the following vulnerability has been resolved: memory: of: Fix refcount leak bug in of_lpddr3_get_ddr_timings() We should add the of_node_put() when breaking out of for_each_child_of_node() as it will automatically increase and decrease the refcount.

Do I need to act?

0.01% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 5.5/10 Medium

LOCAL / LOW complexity

Affected Products (1)

Linux Kernel

Affected Vendors

Linux

References (5)

Patch https://git.kernel.org/stable/c/1d312c12c91f831fcc48623c921f2d4560edb159

Patch https://git.kernel.org/stable/c/3b321bf7687968a090cf6b62bd8e67d692f59a16

Patch https://git.kernel.org/stable/c/48af14fb0eaa63d9aa68f59fb0b205ec55a95636

Patch https://git.kernel.org/stable/c/7e053784c4c70df28324106d476778be7a4519b3

Patch https://git.kernel.org/stable/c/daab421fc2dc7d6ae7eb20a3f565ae09652c68b9

/ 100

low-risk

Severity 18/34 · Moderate

Exploitability 0/34 · Minimal

Exposure 5/34 · Minimal