CVE-2022-50038
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
18/06/2025
Last modified:
13/11/2025
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
drm/meson: Fix refcount bugs in meson_vpu_has_available_connectors()<br />
<br />
In this function, there are two refcount leak bugs:<br />
(1) when breaking out of for_each_endpoint_of_node(), we need call<br />
the of_node_put() for the &#39;ep&#39;;<br />
(2) we should call of_node_put() for the reference returned by<br />
of_graph_get_remote_port() when it is not used anymore.
Impact
Base Score 3.x
5.50
Severity 3.x
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 4.10 (including) | 4.14.291 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 4.15 (including) | 4.19.256 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 4.20 (including) | 5.4.211 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.5 (including) | 5.10.138 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.11 (including) | 5.15.63 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 5.16 (including) | 5.19.4 (excluding) |
| cpe:2.3:o:linux:linux_kernel:6.0:rc1:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/3aa710e96747c8b4e52ba12ffe09edcb2755897c
- https://git.kernel.org/stable/c/6a758f0ba11699837af9e1a0f7cbac6ef765a23e
- https://git.kernel.org/stable/c/8dec38e19f6928235d4009ce55f7add8af34e5c7
- https://git.kernel.org/stable/c/91b3c8dbe898df158fd2a84675f3a284ff6666f7
- https://git.kernel.org/stable/c/d58ef256781398ad115aef44de0a02ad27ea6c3a
- https://git.kernel.org/stable/c/fc1fc2abfcb9235d0ece9a4d858426fb617cfa66
- https://git.kernel.org/stable/c/fe71d84c1a6c0d54657431e8eeaefc9d24895304