CVE-2022-50309 - Vulnerability Details

In the Linux kernel, the following vulnerability has been resolved: media: xilinx: vipp: Fix refcount leak in xvip_graph_dma_init of_get_child_by_name() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of_node_put() to avoid refcount leak.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel

No data.

References

Link	Providers
https://git.kernel.org/stable/c/1c78f19c3a0ea312a8178a6bfd8934eb93e9b10a
https://git.kernel.org/stable/c/22b93530bbe6af9dce8e520bb6e978d1bda39d2b
https://git.kernel.org/stable/c/2630cc88327a5557aa0d9cc63be95e3c6e0a55b3
https://git.kernel.org/stable/c/2ea7caa9684687cf3adc1467cf4af3653a776192
https://git.kernel.org/stable/c/3336210948b22c2db43e9df2ea403d251b4d24ab
https://git.kernel.org/stable/c/3c38467c3255c428cdbd3cefaccca4662f302dc9
https://git.kernel.org/stable/c/59b315353252abe7b8fdb8651ca31b8484ce287a
https://git.kernel.org/stable/c/6e7b3b1e4e9f739800cd8010b75a9bee8d808cee
https://git.kernel.org/stable/c/7b0efe7534071e0153708886355d80db69525d50
https://lore.kernel.org/linux-cve-announce/2025091559-CVE-2022-50309-f82b@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2022-50309
https://www.cve.org/CVERecord?id=CVE-2022-50309

History

Wed, 17 Sep 2025 11:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Linux Linux linux Kernel
Vendors & Products		Linux Linux linux Kernel

Tue, 16 Sep 2025 00:15:00 +0000

Type	Values Removed	Values Added
References		https://lore.kernel.org/linux-cve-announce/2025091559-CVE-2022-50309-f82b@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2022-50309 https://www.cve.org/CVERecord?id=CVE-2022-50309
Metrics	threat_severity `None`	cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}` threat_severity `Moderate`

Mon, 15 Sep 2025 15:00:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: media: xilinx: vipp: Fix refcount leak in xvip_graph_dma_init of_get_child_by_name() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of_node_put() to avoid refcount leak.
Title		media: xilinx: vipp: Fix refcount leak in xvip_graph_dma_init
References		https://git.kernel.org/stable/c/1c78f19c3a0ea312a8178a6bfd8934eb93e9b10a https://git.kernel.org/stable/c/22b93530bbe6af9dce8e520bb6e978d1bda39d2b https://git.kernel.org/stable/c/2630cc88327a5557aa0d9cc63be95e3c6e0a55b3 https://git.kernel.org/stable/c/2ea7caa9684687cf3adc1467cf4af3653a776192 https://git.kernel.org/stable/c/3336210948b22c2db43e9df2ea403d251b4d24ab https://git.kernel.org/stable/c/3c38467c3255c428cdbd3cefaccca4662f302dc9 https://git.kernel.org/stable/c/59b315353252abe7b8fdb8651ca31b8484ce287a https://git.kernel.org/stable/c/6e7b3b1e4e9f739800cd8010b75a9bee8d808cee https://git.kernel.org/stable/c/7b0efe7534071e0153708886355d80db69525d50

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-09-15T14:46:04.490Z

Updated: 2025-09-15T14:46:04.490Z

Reserved: 2025-09-15T14:18:36.813Z

Link: CVE-2022-50309

Vulnrichment

No data.

NVD

Status : Awaiting Analysis

Published: 2025-09-15T15:15:42.617

Modified: 2025-09-15T15:22:27.090

Link: CVE-2022-50309

Redhat

Severity : Moderate

Publid Date: 2025-09-15T00:00:00Z

Links: CVE-2022-50309 - Bugzilla

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object