CVE-2022-50188
BaseFortify
Publication date: 2025-06-18
Last updated on: 2025-11-19
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | From 5.15.160 (inc) to 5.16 (inc) |
| linux | linux_kernel | From 5.15.160 (inc) to 5.16 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-NVD-CWE-Other |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a reference count leak in the Linux kernel's drm/meson component, specifically in the meson_encoder_hdmi_init function. The function of_find_device_by_node() increases the reference count of a device, but the code was missing a corresponding put_device() call to release the reference when it was no longer needed. This missing put_device() in the error path causes a reference count leak.
How can this vulnerability impact me? :
The reference count leak can lead to resource leaks in the kernel, potentially causing increased memory usage or instability over time. This may degrade system performance or cause unexpected behavior in the affected component.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, update your Linux kernel to a version that includes the fix for the refcount leak in drm/meson (meson_encoder_hdmi_init). This involves applying the patch that adds the missing put_device() call in the error path to avoid the refcount leak.