Refcount Leak in Realview GIC Initialization in Linux Kernel
CVE-2022-49719

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 26 February 2025

Summary

A vulnerability exists in the Linux kernel related to the Realview Generic Interrupt Controller (GIC) initialization process. The function responsible for matching device nodes, of_find_matching_node_and_match(), fails to properly manage reference counts, leading to a potential refcount leak. This oversight can result in memory management issues, as the system does not release the node pointer when it is no longer needed. To mitigate this risk, an additional call to of_node_put() has been added to ensure that reference counts are accurately decremented, thus preventing resource leaks and enhancing system stability.

Affected Version(s)

Linux 82b0a434b436f5da69ddd24bd6a6fa5dc4484310 < 87da903ce632d5689bef66d56ee5dae700d82104

Linux 82b0a434b436f5da69ddd24bd6a6fa5dc4484310 < 486f68f85085d9b16ae097679b1486dcb1b6eb69

Linux 82b0a434b436f5da69ddd24bd6a6fa5dc4484310

References

https://git.kernel.org/stable/c/87da903ce632d5689bef66d56...

https://git.kernel.org/stable/c/486f68f85085d9b16ae097679...

https://git.kernel.org/stable/c/b634af84bc1edece4e63317b0...

Timeline

Vulnerability published
Feb 26, 2025
Vulnerability Reserved
Feb 26, 2025