CVE-2022-49432 - Vulnerability Details

In the Linux kernel, the following vulnerability has been resolved: powerpc/xics: fix refcount leak in icp_opal_init() The of_find_compatible_node() function returns a node pointer with refcount incremented, use of_node_put() on it when done.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

No data.

References

Link	Providers
https://git.kernel.org/stable/c/1d5c8cea85fb1680eae8d645b96b92146cb4633c
https://git.kernel.org/stable/c/2357bd7499a81c70b460e2191852bbfc7b63c354
https://git.kernel.org/stable/c/537a317e5ff45d1f5a0ecaf6a0d7c8043c878cb1
https://git.kernel.org/stable/c/53f3f7f73e609b934083f896cb7ca2c2cb009b9f
https://git.kernel.org/stable/c/5dd9e27ea4a39f7edd4bf81e9e70208e7ac0b7c9
https://git.kernel.org/stable/c/6a61a97106279c2aa16fbbb2a171fd5dde127d23
https://git.kernel.org/stable/c/977dbc81d0f866ef63b93c127b7404f07734b3cc
https://git.kernel.org/stable/c/9a42bc2494fadb453de00ce61042e588563ddc6d
https://git.kernel.org/stable/c/df802880a7f9cd96b921b00639b00871f18a9a57
https://lore.kernel.org/linux-cve-announce/2025022656-CVE-2022-49432-12c6@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2022-49432
https://www.cve.org/CVERecord?id=CVE-2022-49432

History

Mon, 28 Apr 2025 16:00:00 +0000

Type	Values Removed	Values Added
Weaknesses		CWE-401
Metrics	threat_severity `Moderate`	threat_severity `Low`

Thu, 27 Feb 2025 01:45:00 +0000

Type	Values Removed	Values Added
References		https://lore.kernel.org/linux-cve-announce/2025022656-CVE-2022-49432-12c6@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2022-49432 https://www.cve.org/CVERecord?id=CVE-2022-49432
Metrics	threat_severity `None`	cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}` threat_severity `Moderate`

Wed, 26 Feb 2025 02:45:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: powerpc/xics: fix refcount leak in icp_opal_init() The of_find_compatible_node() function returns a node pointer with refcount incremented, use of_node_put() on it when done.
Title		powerpc/xics: fix refcount leak in icp_opal_init()
References		https://git.kernel.org/stable/c/1d5c8cea85fb1680eae8d645b96b92146cb4633c https://git.kernel.org/stable/c/2357bd7499a81c70b460e2191852bbfc7b63c354 https://git.kernel.org/stable/c/537a317e5ff45d1f5a0ecaf6a0d7c8043c878cb1 https://git.kernel.org/stable/c/53f3f7f73e609b934083f896cb7ca2c2cb009b9f https://git.kernel.org/stable/c/5dd9e27ea4a39f7edd4bf81e9e70208e7ac0b7c9 https://git.kernel.org/stable/c/6a61a97106279c2aa16fbbb2a171fd5dde127d23 https://git.kernel.org/stable/c/977dbc81d0f866ef63b93c127b7404f07734b3cc https://git.kernel.org/stable/c/9a42bc2494fadb453de00ce61042e588563ddc6d https://git.kernel.org/stable/c/df802880a7f9cd96b921b00639b00871f18a9a57

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-02-26T02:12:50.073Z

Updated: 2025-05-04T08:37:32.456Z

Reserved: 2025-02-26T02:08:31.569Z

Link: CVE-2022-49432

Vulnrichment

No data.

NVD

Status : Received

Published: 2025-02-26T07:01:19.667

Modified: 2025-02-26T07:01:19.667

Link: CVE-2022-49432

Redhat

Severity : Low

Publid Date: 2025-02-26T00:00:00Z

Links: CVE-2022-49432 - Bugzilla

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object