CVE-2022-50038

drm/meson: Fix refcount bugs in meson_vpu_has_available_connectors()

Description

In the Linux kernel, the following vulnerability has been resolved: drm/meson: Fix refcount bugs in meson_vpu_has_available_connectors() In this function, there are two refcount leak bugs: (1) when breaking out of for_each_endpoint_of_node(), we need call the of_node_put() for the 'ep'; (2) we should call of_node_put() for the reference returned by of_graph_get_remote_port() when it is not used anymore.

N/A
CVSS
Severity:
EPSS 0.02%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/6a758f0ba11699837af9e1a0f7cbac6ef765a23e
https://git.kernel.org/stable/c/fc1fc2abfcb9235d0ece9a4d858426fb617cfa66
https://git.kernel.org/stable/c/d58ef256781398ad115aef44de0a02ad27ea6c3a
https://git.kernel.org/stable/c/3aa710e96747c8b4e52ba12ffe09edcb2755897c
https://git.kernel.org/stable/c/fe71d84c1a6c0d54657431e8eeaefc9d24895304
https://git.kernel.org/stable/c/8dec38e19f6928235d4009ce55f7add8af34e5c7
https://git.kernel.org/stable/c/91b3c8dbe898df158fd2a84675f3a284ff6666f7

Frequently Asked Questions

What is the severity of CVE-2022-50038?
CVE-2022-50038 has not yet been assigned a CVSS score.
How to fix CVE-2022-50038?
To fix CVE-2022-50038, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2022-50038 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2022-50038 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2022-50038?
CVE-2022-50038 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.