CVE-2022-50576
Awaiting Analysis Awaiting Analysis - Queue
BaseFortify

Publication date: 2025-10-22

Last updated on: 2025-10-22

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: serial: pch: Fix PCI device refcount leak in pch_request_dma() As comment of pci_get_slot() says, it returns a pci_device with its refcount increased. The caller must decrement the reference count by calling pci_dev_put(). Since 'dma_dev' is only used to filter the channel in filter(), we can call pci_dev_put() before exiting from pch_request_dma(). Add the missing pci_dev_put() for the normal and error path.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-10-22
Last Modified
2025-10-22
Generated
2026-06-16
AI Q&A
2025-10-22
EPSS Evaluated
2026-06-15
NVD
CVE-2022-50576
EUVD
EUVD-2022-55652
Affected Vendors & Products
Currently, no data is known.
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is a reference count leak in the Linux kernel's serial pch driver, specifically in the function pch_request_dma(). The issue arises because pci_get_slot() increases the reference count of a PCI device, but the corresponding decrement (pci_dev_put()) was missing in pch_request_dma(), leading to a resource leak. The fix adds the missing pci_dev_put() calls to properly manage the reference count in both normal and error paths.

Impact Analysis

The impact of this vulnerability is a resource leak in the Linux kernel, which could potentially lead to increased memory usage or resource exhaustion over time. This might degrade system performance or stability, especially on systems that frequently use the affected serial pch driver functionality.

Mitigation Strategies

Apply the updated Linux kernel patch that fixes the PCI device reference count leak in the pch_request_dma() function by ensuring pci_dev_put() is called appropriately to decrement the reference count. This prevents resource leaks related to PCI device handling.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2022-50576. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart