CVE-2022-49242

ASoC: mxs: Fix error handling in mxs_sgtl5000_probe

Description

In the Linux kernel, the following vulnerability has been resolved: ASoC: mxs: Fix error handling in mxs_sgtl5000_probe This function only calls of_node_put() in the regular path. And it will cause refcount leak in error paths. For example, when codec_np is NULL, saif_np[0] and saif_np[1] are not NULL, it will cause leaks. of_node_put() will check if the node pointer is NULL, so we can call it directly to release the refcount of regular pointers.

5.5
CVSS
Severity: Medium
CVSS 3.1 •
EPSS 0.02%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/f16ad2c0e22687f80e5981c67374023f51c204b9 patch
https://git.kernel.org/stable/c/790d2628e3fcc819d8f5572eb5615113fb2e727a patch
https://git.kernel.org/stable/c/f8d38056bcd220ea6f0802a5586d1a12ebcce849 patch
https://git.kernel.org/stable/c/67e12f1cb2f97468c12b59e21975eaa0f332e7d2 patch
https://git.kernel.org/stable/c/86b6cf989437e694fd0a15782b5a513853a739e0 patch
https://git.kernel.org/stable/c/44acdaf7acb60054d872bed18ce0e7db8ce900ce patch
https://git.kernel.org/stable/c/d2923b48d99fe663cb93d8b481c93299fcd68656 patch
https://git.kernel.org/stable/c/8d880226c86f37624e2a5f3c6d92ac0ec3375f96 patch
https://git.kernel.org/stable/c/6ae0a4d8fec551ec581d620f0eb1fe31f755551c patch

Frequently Asked Questions

What is the severity of CVE-2022-49242?
CVE-2022-49242 has been scored as a medium severity vulnerability.
How to fix CVE-2022-49242?
To fix CVE-2022-49242, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2022-49242 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2022-49242 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2022-49242?
CVE-2022-49242 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.