CVE-2022-50161 - OpenCVE

In the Linux kernel, the following vulnerability has been resolved: mtd: maps: Fix refcount leak in of_flash_probe_versatile of_find_matching_node_and_match() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of_node_put() to avoid refcount leak.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel

No data.

References

Link	Providers
https://git.kernel.org/stable/c/33ec82a6d2b119938f26e5c8040ed5d92378eb54
https://git.kernel.org/stable/c/3c8de6a838b7e0eb392754ac89dd66e698684342
https://git.kernel.org/stable/c/4d67c8f74d804b20febf716ec96e9a475457ec60
https://git.kernel.org/stable/c/52ae2b14f76ef2d490337ddc0037bc37125be7b8
https://git.kernel.org/stable/c/5d5ddd8771fa9cabeb247fba5f6ab60d63f3fbce
https://git.kernel.org/stable/c/79e57889aa0d92a6d769bad808fb105e7b6ea495
https://git.kernel.org/stable/c/9124d51e01232a91da4034768a2a8d1688472179
https://git.kernel.org/stable/c/f516fbb63873ee23cba5b7c3d239677c30f13df8
https://lore.kernel.org/linux-cve-announce/2025061825-CVE-2022-50161-8f64@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2022-50161
https://www.cve.org/CVERecord?id=CVE-2022-50161

History

Fri, 20 Jun 2025 02:15:00 +0000

Type	Values Removed	Values Added
References		https://lore.kernel.org/linux-cve-announce/2025061825-CVE-2022-50161-8f64@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2022-50161 https://www.cve.org/CVERecord?id=CVE-2022-50161
Metrics	threat_severity `None`	cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}` threat_severity `Low`

Wed, 18 Jun 2025 11:15:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: mtd: maps: Fix refcount leak in of_flash_probe_versatile of_find_matching_node_and_match() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of_node_put() to avoid refcount leak.
Title		mtd: maps: Fix refcount leak in of_flash_probe_versatile
References		https://git.kernel.org/stable/c/33ec82a6d2b119938f26e5c8040ed5d92378eb54 https://git.kernel.org/stable/c/3c8de6a838b7e0eb392754ac89dd66e698684342 https://git.kernel.org/stable/c/4d67c8f74d804b20febf716ec96e9a475457ec60 https://git.kernel.org/stable/c/52ae2b14f76ef2d490337ddc0037bc37125be7b8 https://git.kernel.org/stable/c/5d5ddd8771fa9cabeb247fba5f6ab60d63f3fbce https://git.kernel.org/stable/c/79e57889aa0d92a6d769bad808fb105e7b6ea495 https://git.kernel.org/stable/c/9124d51e01232a91da4034768a2a8d1688472179 https://git.kernel.org/stable/c/f516fbb63873ee23cba5b7c3d239677c30f13df8

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-06-18T11:03:17.091Z

Updated: 2025-06-18T11:03:17.091Z

Reserved: 2025-06-18T10:57:27.425Z

Link: CVE-2022-50161

Vulnrichment

No data.

NVD

Status : Awaiting Analysis

Published: 2025-06-18T11:15:46.327

Modified: 2025-06-18T13:47:40.833

Link: CVE-2022-50161

Redhat

Severity : Low

Publid Date: 2025-06-18T00:00:00Z

Links: CVE-2022-50161 - Bugzilla

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object