Refcount Leak in Realview GIC Initialization in Linux Kernel
CVE-2022-49719

5.5MEDIUM

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 26 February 2025

What is CVE-2022-49719?

A vulnerability exists in the Linux kernel related to the Realview Generic Interrupt Controller (GIC) initialization process. The function responsible for matching device nodes, of_find_matching_node_and_match(), fails to properly manage reference counts, leading to a potential refcount leak. This oversight can result in memory management issues, as the system does not release the node pointer when it is no longer needed. To mitigate this risk, an additional call to of_node_put() has been added to ensure that reference counts are accurately decremented, thus preventing resource leaks and enhancing system stability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 82b0a434b436f5da69ddd24bd6a6fa5dc4484310 < 87da903ce632d5689bef66d56ee5dae700d82104

Linux 82b0a434b436f5da69ddd24bd6a6fa5dc4484310 < 486f68f85085d9b16ae097679b1486dcb1b6eb69

Linux 82b0a434b436f5da69ddd24bd6a6fa5dc4484310

References

https://git.kernel.org/stable/c/87da903ce632d5689bef66d56...

https://git.kernel.org/stable/c/486f68f85085d9b16ae097679...

https://git.kernel.org/stable/c/b634af84bc1edece4e63317b0...

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 26, 2025
Vulnerability Reserved
Feb 26, 2025

JSON

Linux

What is CVE-2022-49719?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.