Linux Kernel Vulnerability in GIC-v3 Error Handling
CVE-2022-49716

5.5MEDIUM

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 26 February 2025

What is CVE-2022-49716?

A vulnerability in the Linux kernel's GIC-v3 component was identified where improper error handling in the gic_populate_ppi_partitions function could lead to a refcount leak. Specifically, the function of_get_child_by_name() returns a node pointer with an incremented reference count that must be properly managed. If the kcalloc function fails, the existing code does not appropriately release the node, resulting in potential memory issues. This flaw has now been addressed by ensuring that of_node_put() is called when the node is no longer needed, thereby preventing resource leaks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 52085d3f2028d853f8d6ce7ead2f8a504f6077fa < 58e67c81e229351027d28c610638378606e33a08

Linux 52085d3f2028d853f8d6ce7ead2f8a504f6077fa < 7c9dd9d23f26dabcfb14148b9acdfba540418b19

Linux 52085d3f2028d853f8d6ce7ead2f8a504f6077fa < 0b325d993995a321f6ab4e6c51f0504ec092bf5b

References

https://git.kernel.org/stable/c/58e67c81e229351027d28c610...

https://git.kernel.org/stable/c/7c9dd9d23f26dabcfb14148b9...

https://git.kernel.org/stable/c/0b325d993995a321f6ab4e6c5...

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 26, 2025
Vulnerability Reserved
Feb 26, 2025

JSON

Linux

What is CVE-2022-49716?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.