What is the severity of CVE-2022-49678?

CVE-2022-49678 is classified as a medium severity vulnerability due to a refcount leak in the Linux kernel.

How do I fix CVE-2022-49678?

To fix CVE-2022-49678, upgrade your Linux kernel to a version that includes the patch for this vulnerability.

What versions of the Linux kernel are affected by CVE-2022-49678?

CVE-2022-49678 affects various versions of the Linux kernel between 4.15 and 5.19-rc3.

What is the impact of CVE-2022-49678 on Linux systems?

The impact of CVE-2022-49678 is a potential denial of service due to resource exhaustion from refcount leaks.

Is there a known exploit for CVE-2022-49678?

As of now, there are no public exploits specifically targeting CVE-2022-49678.

Vulnerability/
CVE-2022-49678

medium

5.5

26/2/2025

11/3/2025

CVE-2022-49678: soc: bcm: brcmstb: pm: pm-arm: Fix refcount leak in brcmstb_pm_probe

First published: Wed Feb 26 2025(Updated: )

In the Linux kernel, the following vulnerability has been resolved: soc: bcm: brcmstb: pm: pm-arm: Fix refcount leak in brcmstb_pm_probe of_find_matching_node() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of_node_put() to avoid refcount leak. In brcmstb_init_sram, it pass dn to of_address_to_resource(), of_address_to_resource() will call of_find_device_by_node() to take reference, so we should release the reference returned by of_find_matching_node().

Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Affected Software	Affected Version	How to fix
Linux Kernel
Linux Kernel	>=4.15<4.19.250
Linux Kernel	>=4.20<5.4.202
Linux Kernel	>=5.5<5.10.127
Linux Kernel	>=5.11<5.15.51
Linux Kernel	>=5.16<5.18.8
Linux Kernel	=5.19-rc1
Linux Kernel	=5.19-rc2
Linux Kernel	=5.19-rc3

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2022-49678?
CVE-2022-49678 is classified as a medium severity vulnerability due to a refcount leak in the Linux kernel.
How do I fix CVE-2022-49678?
To fix CVE-2022-49678, upgrade your Linux kernel to a version that includes the patch for this vulnerability.
What versions of the Linux kernel are affected by CVE-2022-49678?
CVE-2022-49678 affects various versions of the Linux kernel between 4.15 and 5.19-rc3.
What is the impact of CVE-2022-49678 on Linux systems?
The impact of CVE-2022-49678 is a potential denial of service due to resource exhaustion from refcount leaks.
Is there a known exploit for CVE-2022-49678?
As of now, there are no public exploits specifically targeting CVE-2022-49678.

collector/mitre-cve
source/MITRE
agent/first-publish-date
agent/type
agent/title
agent/references
agent/author
agent/source
agent/description
agent/guess-ai
agent/software-canonical-lookup
collector/nvd-api
source/NVD
agent/remedy
agent/severity
agent/last-modified-date
agent/softwarecombine
agent/tags
agent/event
vendor/linux
canonical/linux kernel
version/linux kernel/4.15
version/linux kernel/4.20
version/linux kernel/5.5
version/linux kernel/5.11
version/linux kernel/5.16
version/linux kernel/5.19-rc1
version/linux kernel/5.19-rc2
version/linux kernel/5.19-rc3

CVE-2022-49678: soc: bcm: brcmstb: pm: pm-arm: Fix refcount leak in brcmstb_pm_probe

Remedy

Remedy

Remedy

Remedy

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2022-49678?

How do I fix CVE-2022-49678?

What versions of the Linux kernel are affected by CVE-2022-49678?

What is the impact of CVE-2022-49678 on Linux systems?

Is there a known exploit for CVE-2022-49678?

Company

Resources

Contact