CVE-2022-49887 - Vulnerability Details

In the Linux kernel, the following vulnerability has been resolved: media: meson: vdec: fix possible refcount leak in vdec_probe() v4l2_device_unregister need to be called to put the refcount got by v4l2_device_register when vdec_probe fails or vdec_remove is called.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel

Configuration 1 [-]

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:6.1:rc1::::::

No data.

References

Link	Providers
https://git.kernel.org/stable/c/0457e7b12ece1a7e41fa0ae8b7e47c0a72a83bef
https://git.kernel.org/stable/c/70119756311a0be3b95bec2e1ba714673e90feba
https://git.kernel.org/stable/c/7718999356234d9cc6a11b4641bb773928f1390f
https://git.kernel.org/stable/c/be6e22f54623d8a856a4f167b25be73c2ff1ff80
https://git.kernel.org/stable/c/f96ad391d054bd5c36994f98afd6a12cbb5600bf

History

Wed, 07 May 2025 13:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Linux Linux linux Kernel
Weaknesses		NVD-CWE-Other
CPEs		cpe:2.3:o:linux:linux_kernel:::::::: cpe:2.3:o:linux:linux_kernel:6.1:rc1::::::
Vendors & Products		Linux Linux linux Kernel
Metrics		cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}`

Thu, 01 May 2025 14:30:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: media: meson: vdec: fix possible refcount leak in vdec_probe() v4l2_device_unregister need to be called to put the refcount got by v4l2_device_register when vdec_probe fails or vdec_remove is called.
Title		media: meson: vdec: fix possible refcount leak in vdec_probe()
References		https://git.kernel.org/stable/c/0457e7b12ece1a7e41fa0ae8b7e47c0a72a83bef https://git.kernel.org/stable/c/70119756311a0be3b95bec2e1ba714673e90feba https://git.kernel.org/stable/c/7718999356234d9cc6a11b4641bb773928f1390f https://git.kernel.org/stable/c/be6e22f54623d8a856a4f167b25be73c2ff1ff80 https://git.kernel.org/stable/c/f96ad391d054bd5c36994f98afd6a12cbb5600bf

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-05-01T14:10:32.569Z

Updated: 2025-05-04T08:47:49.296Z

Reserved: 2025-05-01T14:05:17.242Z

Link: CVE-2022-49887

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2025-05-01T15:16:13.690

Modified: 2025-05-07T13:20:20.687

Link: CVE-2022-49887

Redhat

No data.

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object