CVE-2022-49421 - Vulnerability Details

In the Linux kernel, the following vulnerability has been resolved: video: fbdev: clcdfb: Fix refcount leak in clcdfb_of_vram_setup of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of_node_put() to avoid refcount leak.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel

No data.

References

Link	Providers
https://git.kernel.org/stable/c/2e2e2c71b2642289438392edbf5d08cdbc0b138b
https://git.kernel.org/stable/c/38d245cebf545338a6bc1c7762023de3fbecd7b7
https://git.kernel.org/stable/c/51eb1bb6baeb478538dd4ec6459fd68c44a855b1
https://git.kernel.org/stable/c/6c92711db7c90f78e0b67ac2a8944d0fe7e12d83
https://git.kernel.org/stable/c/8db59df7f5826e104db82cfddbf22a33a151193e
https://git.kernel.org/stable/c/b23789a59fa6f00e98a319291819f91fbba0deb8
https://git.kernel.org/stable/c/bbb2a24e863b6a10129546a0a4ceea2f07deec39
https://git.kernel.org/stable/c/c1c4405222b6fc98c16e8c2aa679c14e41d81465
https://git.kernel.org/stable/c/f2dfb4ab887d67be7d0892ba041d3c8d738d3356
https://lore.kernel.org/linux-cve-announce/2025022654-CVE-2022-49421-6067@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2022-49421
https://www.cve.org/CVERecord?id=CVE-2022-49421

History

Wed, 16 Jul 2025 13:45:00 +0000

Type	Values Removed	Values Added
Metrics	epss `{'score': 0.0018}`	epss `{'score': 0.00179}`

Thu, 27 Feb 2025 01:45:00 +0000

Type	Values Removed	Values Added
References		https://lore.kernel.org/linux-cve-announce/2025022654-CVE-2022-49421-6067@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2022-49421 https://www.cve.org/CVERecord?id=CVE-2022-49421
Metrics	threat_severity `None`	cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}` threat_severity `Moderate`

Wed, 26 Feb 2025 02:45:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: video: fbdev: clcdfb: Fix refcount leak in clcdfb_of_vram_setup of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of_node_put() to avoid refcount leak.
Title		video: fbdev: clcdfb: Fix refcount leak in clcdfb_of_vram_setup
References		https://git.kernel.org/stable/c/2e2e2c71b2642289438392edbf5d08cdbc0b138b https://git.kernel.org/stable/c/38d245cebf545338a6bc1c7762023de3fbecd7b7 https://git.kernel.org/stable/c/51eb1bb6baeb478538dd4ec6459fd68c44a855b1 https://git.kernel.org/stable/c/6c92711db7c90f78e0b67ac2a8944d0fe7e12d83 https://git.kernel.org/stable/c/8db59df7f5826e104db82cfddbf22a33a151193e https://git.kernel.org/stable/c/b23789a59fa6f00e98a319291819f91fbba0deb8 https://git.kernel.org/stable/c/bbb2a24e863b6a10129546a0a4ceea2f07deec39 https://git.kernel.org/stable/c/c1c4405222b6fc98c16e8c2aa679c14e41d81465 https://git.kernel.org/stable/c/f2dfb4ab887d67be7d0892ba041d3c8d738d3356

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-02-26T02:12:44.790Z

Updated: 2025-05-04T08:37:19.074Z

Reserved: 2025-02-26T02:08:31.568Z

Link: CVE-2022-49421

Vulnrichment

No data.

NVD

Status : Received

Published: 2025-02-26T07:01:18.533

Modified: 2025-02-26T07:01:18.533

Link: CVE-2022-49421

Redhat

Severity : Moderate

Publid Date: 2025-02-26T00:00:00Z

Links: CVE-2022-49421 - Bugzilla

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object