Refcount Leak in Apple AIC IRQ Chip of Linux Kernel
CVE-2022-49718

5.5MEDIUM

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 26 February 2025

What is CVE-2022-49718?

In the Linux kernel's Apple AIC IRQ chip implementation, a refcount leak occurs due to the improper management of node pointers returned by the of_get_child_by_name() function. When this function is called, it returns a node pointer with its reference count incremented, but there was an omission in utilizing of_node_put() to release the reference when it is no longer needed. This oversight can lead to memory leaks over time, potentially destabilizing systems that rely on this kernel functionality. The vulnerability has been addressed in subsequent releases with the addition of the necessary of_node_put() calls to ensure proper reference management.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux a5e8801202b318622ea526aa5625e5f7eceb4d26 < 6c0010d1dc67c89bcc857c46f542efe318f84ddc

Linux a5e8801202b318622ea526aa5625e5f7eceb4d26 < 3d45670fab3c25a7452721e4588cc95c51cda134

Linux 5.18

References

https://git.kernel.org/stable/c/6c0010d1dc67c89bcc857c46f...

https://git.kernel.org/stable/c/3d45670fab3c25a7452721e45...

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 26, 2025
Vulnerability Reserved
Feb 26, 2025

JSON

Linux

What is CVE-2022-49718?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.