What is the severity of CVE-2022-49486?

CVE-2022-49486 has been classified with a severity level that reflects a potential refcount leak in the Linux kernel's ASoC subsystem.

How do I fix CVE-2022-49486?

To mitigate CVE-2022-49486, ensure you apply the latest patches provided by your Linux kernel distributor that address the referenced refcount leak.

Which versions of the Linux kernel are affected by CVE-2022-49486?

CVE-2022-49486 affects various versions of the Linux kernel ranging from 3.5 to 5.4.198, as well as specific versions between 5.5 and 5.18.3.

What component of the Linux kernel is affected by CVE-2022-49486?

CVE-2022-49486 specifically affects the ASoC (ALSA System on Chip) component due to a refcount management issue.

Is CVE-2022-49486 exploitable?

While CVE-2022-49486 represents a programming error in the Linux kernel, its actual exploitability depends on the context in which the affected component is used.

Vulnerability/
CVE-2022-49486

medium

5.5

26/2/2025

17/3/2025

CVE-2022-49486: ASoC: fsl: Fix refcount leak in imx_sgtl5000_probe

First published: Wed Feb 26 2025(Updated: )

In the Linux kernel, the following vulnerability has been resolved: ASoC: fsl: Fix refcount leak in imx_sgtl5000_probe of_find_i2c_device_by_node() takes a reference, In error paths, we should call put_device() to drop the reference to aviod refount leak.

Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Affected Software	Affected Version	How to fix
Linux Kernel
Linux Kernel	>=3.5<5.4.198
Linux Kernel	>=5.5<5.10.121
Linux Kernel	>=5.11<5.15.46
Linux Kernel	>=5.16<5.17.14
Linux Kernel	>=5.18<5.18.3

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2022-49486?
CVE-2022-49486 has been classified with a severity level that reflects a potential refcount leak in the Linux kernel's ASoC subsystem.
How do I fix CVE-2022-49486?
To mitigate CVE-2022-49486, ensure you apply the latest patches provided by your Linux kernel distributor that address the referenced refcount leak.
Which versions of the Linux kernel are affected by CVE-2022-49486?
CVE-2022-49486 affects various versions of the Linux kernel ranging from 3.5 to 5.4.198, as well as specific versions between 5.5 and 5.18.3.
What component of the Linux kernel is affected by CVE-2022-49486?
CVE-2022-49486 specifically affects the ASoC (ALSA System on Chip) component due to a refcount management issue.
Is CVE-2022-49486 exploitable?
While CVE-2022-49486 represents a programming error in the Linux kernel, its actual exploitability depends on the context in which the affected component is used.

collector/mitre-cve
source/MITRE
agent/first-publish-date
agent/type
agent/references
agent/title
agent/author
agent/source
agent/description
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/remedy
agent/severity
agent/last-modified-date
agent/softwarecombine
agent/event
agent/tags
agent/guess-ai
agent/software-canonical-lookup-request
vendor/linux
canonical/linux kernel
version/linux kernel/3.5
version/linux kernel/5.5
version/linux kernel/5.11
version/linux kernel/5.16
version/linux kernel/5.18

CVE-2022-49486: ASoC: fsl: Fix refcount leak in imx_sgtl5000_probe

Remedy

Remedy

Remedy

Remedy

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2022-49486?

How do I fix CVE-2022-49486?

Which versions of the Linux kernel are affected by CVE-2022-49486?

What component of the Linux kernel is affected by CVE-2022-49486?

Is CVE-2022-49486 exploitable?

Company

Resources

Contact