medium
5.5
Advisory Published
Updated

CVE-2022-49517: ASoC: mediatek: Fix missing of_node_put in mt2701_wm8960_machine_probe

First published: Wed Feb 26 2025(Updated: )

In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: Fix missing of_node_put in mt2701_wm8960_machine_probe This node pointer is returned by of_parse_phandle() with refcount incremented in this function. Calling of_node_put() to avoid the refcount leak.

Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Affected SoftwareAffected VersionHow to fix
Linux Kernel>=4.12<4.14.283
Linux Kernel>=4.15<4.19.247
Linux Kernel>=4.20<5.4.198
Linux Kernel>=5.5<5.10.121
Linux Kernel>=5.11<5.15.46
Linux Kernel>=5.16<5.17.14
Linux Kernel>=5.18<5.18.3

Remedy

https://git.kernel.org/stable/c/05654431a18fe24e5e46a375d98904134628a102

Remedy

https://git.kernel.org/stable/c/318afb1442eeef089fe7f8a8297d97c0302ff6f6

Remedy

https://git.kernel.org/stable/c/61a85a20e8df5e0a92cfe169c92425c7bae0753b

Remedy

https://git.kernel.org/stable/c/9345122f5fb9f97a206f440f38bb656e53f46912

Remedy

https://git.kernel.org/stable/c/94587aa17abf8b26f543d2b29c44abc21bc36836

Remedy

https://git.kernel.org/stable/c/bc2afecaabd2a2c9f17e43b4793a30e3461bfb29

Remedy

https://git.kernel.org/stable/c/c71494f5f2b444adfd992a7359a0d2a791642b39

Remedy

https://git.kernel.org/stable/c/f279c49f17ce10866087ea6c0c57382158974b63

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2022-49517?

    CVE-2022-49517 has been rated as a low severity vulnerability.

  • What systems are affected by CVE-2022-49517?

    CVE-2022-49517 affects specific versions of the Linux kernel including those between 4.12 and 4.14.283, 4.15 and 4.19.247, 4.20 and 5.4.198, 5.5 and 5.10.121, 5.11 and 5.15.46, 5.16 and 5.17.14, and 5.18 and 5.18.3.

  • How do I fix CVE-2022-49517?

    To resolve CVE-2022-49517, upgrade to a version of the Linux kernel that is not affected by this vulnerability.

  • What is the nature of CVE-2022-49517?

    CVE-2022-49517 is a bug in the Linux kernel related to a missing of_node_put call in the mt2701_wm8960_machine_probe function.

  • When was CVE-2022-49517 disclosed?

    CVE-2022-49517 was disclosed as part of a patch for the Linux kernel.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203