CVE-2022-50311
BaseFortify
Publication date: 2025-09-15
Last updated on: 2025-12-04
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | From 4.12 (inc) to 4.14.303 (exc) |
| linux | linux_kernel | From 4.15 (inc) to 4.19.270 (exc) |
| linux | linux_kernel | From 4.20 (inc) to 5.4.229 (exc) |
| linux | linux_kernel | From 5.5 (inc) to 5.10.163 (exc) |
| linux | linux_kernel | From 5.11 (inc) to 5.15.86 (exc) |
| linux | linux_kernel | From 5.16 (inc) to 6.0.16 (exc) |
| linux | linux_kernel | From 6.1 (inc) to 6.1.2 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-NVD-CWE-Other |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a refcount leak in the Linux kernel's cxl_calc_capp_routing function. The function of_get_next_parent() returns a node pointer with an incremented reference count, which should be decremented using of_node_put() when the node is no longer needed. However, the function only calls of_node_put() in the normal execution path and misses it in the error path, causing a reference count leak.
How can this vulnerability impact me? :
The refcount leak can lead to resource leaks in the kernel, potentially causing increased memory usage or instability over time as references are not properly released. This could degrade system performance or lead to unexpected behavior.