Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: lpc32xx_udc: Fix refcount leak in lpc32xx_udc_probe of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of_node_put() to avoid refcount leak. of_node_put() will check NULL pointer.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | >= 3.5, < 4.9.320 |
References
- https://git.kernel.org/stable/c/0ef6917c0524da5b88496b9706628ffef108b9bbPatch
- https://git.kernel.org/stable/c/2a598da14856ead80c726b38ba426c68637d9211Patch
- https://git.kernel.org/stable/c/46da1e4a8b6329479433b2a4056941dfdd7f3efdPatch
- https://git.kernel.org/stable/c/4757c9ade34178b351580133771f510b5ffcf9c8Patch
- https://git.kernel.org/stable/c/57901c658f77d9ea2e772f35cb38e47efb54c558Patch
- https://git.kernel.org/stable/c/727c82d003e0ec64411fd1257a9a57de4ad7a99aPatch
- https://git.kernel.org/stable/c/b75bddfcc18170ce8e3fb695a76ec2dec4ce0ea5Patch
- https://git.kernel.org/stable/c/d85e4e6284a91aa2d1ab004e9d84b9c09b4aa203Patch
FAQ
What is CVE-2022-49712?
CVE-2022-49712 is a vulnerability with a CVSS score of 5.5 (MEDIUM). In the Linux kernel, the following vulnerability has been resolved: usb: gadget: lpc32xx_udc: Fix refcount leak in lpc32xx_udc_probe of_parse_phandle() returns a node pointer with refcount increment...
How severe is CVE-2022-49712?
CVE-2022-49712 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-49712?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.