CVE-2022-50199

In the Linux kernel, the following vulnerability has been resolved: ARM: OMAP2+: Fix refcount leak in omapdss_init_of omapdss_find_dss_of_node() calls of_find_compatible_node() to get device node. of_find_compatible_node() returns a node pointer with refcount incremented, we should use of_node_put() on it when done. Add missing of_node_put() in later error path and normal path.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/14bac0c7035bf920e190a63c7e1b113c72eadbf4	Patch
https://git.kernel.org/stable/c/230ad40a59c9a9ee8f3822b9a7bec09404102ebc	Patch
https://git.kernel.org/stable/c/507159facf002d113c4878fec67f37d62f187887	Patch
https://git.kernel.org/stable/c/935035cf97c8cd6794044b500fb0a44a6d30ffa1	Patch
https://git.kernel.org/stable/c/9705db1eff38d6b9114121f9e253746199b759c9	Patch
https://git.kernel.org/stable/c/a32dc6829e33c54e751346aa3e08ddb6d0e1a6a0	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:4.20:-::::::
	cpe:2.3:o:linux:linux_kernel:4.20:rc3::::::
	cpe:2.3:o:linux:linux_kernel:4.20:rc4::::::
	cpe:2.3:o:linux:linux_kernel:4.20:rc5::::::
	cpe:2.3:o:linux:linux_kernel:4.20:rc6::::::
	cpe:2.3:o:linux:linux_kernel:4.20:rc7::::::

History

19 Nov 2025, 12:47

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.5
CPE		cpe:2.3:o:linux:linux_kernel:4.20:rc7:::::: cpe:2.3:o:linux:linux_kernel:4.20:rc4:::::: cpe:2.3:o:linux:linux_kernel:::::::: cpe:2.3:o:linux:linux_kernel:4.20:rc3:::::: cpe:2.3:o:linux:linux_kernel:4.20:rc5:::::: cpe:2.3:o:linux:linux_kernel:4.20:rc6:::::: cpe:2.3:o:linux:linux_kernel:4.20:-::::::
CWE		NVD-CWE-Other
First Time		Linux Linux linux Kernel
Summary		(es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ARM: OMAP2+: Se corrige la fuga de recuento de referencias en omapdss_init_of. Omapdss_find_dss_of_node() llama a of_find_compatible_node() para obtener el nodo del dispositivo. of_find_compatible_node() devuelve un puntero de nodo con el recuento de referencias incrementado; al finalizar, se debe usar of_node_put(). Se añade la falta de of_node_put() en la ruta de error posterior y en la ruta normal.
References	~~() https://git.kernel.org/stable/c/14bac0c7035bf920e190a63c7e1b113c72eadbf4 -~~	() https://git.kernel.org/stable/c/14bac0c7035bf920e190a63c7e1b113c72eadbf4 - Patch
References	~~() https://git.kernel.org/stable/c/230ad40a59c9a9ee8f3822b9a7bec09404102ebc -~~	() https://git.kernel.org/stable/c/230ad40a59c9a9ee8f3822b9a7bec09404102ebc - Patch
References	~~() https://git.kernel.org/stable/c/507159facf002d113c4878fec67f37d62f187887 -~~	() https://git.kernel.org/stable/c/507159facf002d113c4878fec67f37d62f187887 - Patch
References	~~() https://git.kernel.org/stable/c/935035cf97c8cd6794044b500fb0a44a6d30ffa1 -~~	() https://git.kernel.org/stable/c/935035cf97c8cd6794044b500fb0a44a6d30ffa1 - Patch
References	~~() https://git.kernel.org/stable/c/9705db1eff38d6b9114121f9e253746199b759c9 -~~	() https://git.kernel.org/stable/c/9705db1eff38d6b9114121f9e253746199b759c9 - Patch
References	~~() https://git.kernel.org/stable/c/a32dc6829e33c54e751346aa3e08ddb6d0e1a6a0 -~~	() https://git.kernel.org/stable/c/a32dc6829e33c54e751346aa3e08ddb6d0e1a6a0 - Patch

18 Jun 2025, 11:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-06-18 11:15

Updated : 2025-11-19 12:47

NVD link : CVE-2022-50199

Mitre link : CVE-2022-50199

CVE.ORG link : CVE-2022-50199

JSON object : View

Products Affected

linux

linux_kernel

CWE

NVD-CWE-Other

5.5 /10