What is the severity of CVE-2022-49367?

CVE-2022-49367 has a moderate severity due to the refcount leak issue in the Linux kernel.

How do I fix CVE-2022-49367?

To fix CVE-2022-49367, update the Linux kernel to a version that includes the necessary patch.

What versions of the Linux kernel are affected by CVE-2022-49367?

CVE-2022-49367 affects various versions of the Linux kernel ranging from 4.11 to 5.18.4.

What is the main issue described in CVE-2022-49367?

CVE-2022-49367 describes a refcount leak in the mv88e6xxx driver, allowing a potential resource drain.

Is CVE-2022-49367 a remote code execution vulnerability?

No, CVE-2022-49367 does not lead to remote code execution but involves a resource management flaw.

Vulnerability/
CVE-2022-49367

medium

5.5

26/2/2025

14/4/2025

CVE-2022-49367: net: dsa: mv88e6xxx: Fix refcount leak in mv88e6xxx_mdios_register

First published: Wed Feb 26 2025(Updated: )

In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6xxx: Fix refcount leak in mv88e6xxx_mdios_register of_get_child_by_name() returns a node pointer with refcount incremented, we should use of_node_put() on it when done. mv88e6xxx_mdio_register() pass the device node to of_mdiobus_register(). We don't need the device node after it. Add missing of_node_put() to avoid refcount leak.

Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Affected Software	Affected Version	How to fix
Linux Kernel
Linux Kernel	>=4.11<4.14.283
Linux Kernel	>=4.15<4.19.247
Linux Kernel	>=4.20<5.4.198
Linux Kernel	>=5.5<5.10.122
Linux Kernel	>=5.11<5.15.47
Linux Kernel	>=5.16<5.17.15
Linux Kernel	>=5.18<5.18.4

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2022-49367?
CVE-2022-49367 has a moderate severity due to the refcount leak issue in the Linux kernel.
How do I fix CVE-2022-49367?
To fix CVE-2022-49367, update the Linux kernel to a version that includes the necessary patch.
What versions of the Linux kernel are affected by CVE-2022-49367?
CVE-2022-49367 affects various versions of the Linux kernel ranging from 4.11 to 5.18.4.
What is the main issue described in CVE-2022-49367?
CVE-2022-49367 describes a refcount leak in the mv88e6xxx driver, allowing a potential resource drain.
Is CVE-2022-49367 a remote code execution vulnerability?
No, CVE-2022-49367 does not lead to remote code execution but involves a resource management flaw.

collector/mitre-cve
source/MITRE
agent/first-publish-date
agent/type
agent/title
agent/references
agent/source
agent/author
agent/description
agent/guess-ai
agent/software-canonical-lookup
agent/software-canonical-lookup-request
collector/nvd-api
source/NVD
agent/severity
agent/last-modified-date
agent/remedy
agent/softwarecombine
agent/event
agent/tags
vendor/linux
canonical/linux kernel
version/linux kernel/4.11
version/linux kernel/4.15
version/linux kernel/4.20
version/linux kernel/5.5
version/linux kernel/5.11
version/linux kernel/5.16
version/linux kernel/5.18

Frequently Asked Questions

What is the severity of CVE-2022-49367?
CVE-2022-49367 has a moderate severity due to the refcount leak issue in the Linux kernel.
How do I fix CVE-2022-49367?
To fix CVE-2022-49367, update the Linux kernel to a version that includes the necessary patch.
What versions of the Linux kernel are affected by CVE-2022-49367?
CVE-2022-49367 affects various versions of the Linux kernel ranging from 4.11 to 5.18.4.
What is the main issue described in CVE-2022-49367?
CVE-2022-49367 describes a refcount leak in the mv88e6xxx driver, allowing a potential resource drain.
Is CVE-2022-49367 a remote code execution vulnerability?
No, CVE-2022-49367 does not lead to remote code execution but involves a resource management flaw.

CVE-2022-49367: net: dsa: mv88e6xxx: Fix refcount leak in mv88e6xxx_mdios_register

Remedy

Remedy

Remedy

Remedy

Remedy

Remedy

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2022-49367?

How do I fix CVE-2022-49367?

What versions of the Linux kernel are affected by CVE-2022-49367?

What is the main issue described in CVE-2022-49367?

Is CVE-2022-49367 a remote code execution vulnerability?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2022-49367?

How do I fix CVE-2022-49367?

What versions of the Linux kernel are affected by CVE-2022-49367?

What is the main issue described in CVE-2022-49367?

Is CVE-2022-49367 a remote code execution vulnerability?