CVE-2022-50104 - Vulnerability Details

In the Linux kernel, the following vulnerability has been resolved: powerpc/xive: Fix refcount leak in xive_get_max_prio of_find_node_by_path() returns a node pointer with refcount incremented, we should use of_node_put() on it when done. Add missing of_node_put() to avoid refcount leak.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel

No data.

References

Link	Providers
https://git.kernel.org/stable/c/255b650cbec6849443ce2e0cdd187fd5e61c218c
https://git.kernel.org/stable/c/2e18b869a8d574cfe9ee64df9c3d0a7ac7ed07a8
https://git.kernel.org/stable/c/5ed9709d262bf026b2ff64979fbfe0f496287588
https://git.kernel.org/stable/c/6d1e53f7f181a11a8a343def1e0d0209905b7c64
https://git.kernel.org/stable/c/79b8eae24b7ee157bda07695d802be8576983fa8
https://git.kernel.org/stable/c/d99733ad47a6c990b52e136608455643bfa708f2
https://git.kernel.org/stable/c/ea494e8a9852abd0ba60f69b254ce0d7c38449e2
https://git.kernel.org/stable/c/f658d5b528ce97a68efbb64ee54f6fe0909b189a
https://lore.kernel.org/linux-cve-announce/2025061805-CVE-2022-50104-38ee@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2022-50104
https://www.cve.org/CVERecord?id=CVE-2022-50104

History

Fri, 20 Jun 2025 14:15:00 +0000

Type	Values Removed	Values Added
References		https://lore.kernel.org/linux-cve-announce/2025061805-CVE-2022-50104-38ee@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2022-50104 https://www.cve.org/CVERecord?id=CVE-2022-50104
Metrics	threat_severity `None`	cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}` threat_severity `Low`

Wed, 18 Jun 2025 11:15:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: powerpc/xive: Fix refcount leak in xive_get_max_prio of_find_node_by_path() returns a node pointer with refcount incremented, we should use of_node_put() on it when done. Add missing of_node_put() to avoid refcount leak.
Title		powerpc/xive: Fix refcount leak in xive_get_max_prio
References		https://git.kernel.org/stable/c/255b650cbec6849443ce2e0cdd187fd5e61c218c https://git.kernel.org/stable/c/2e18b869a8d574cfe9ee64df9c3d0a7ac7ed07a8 https://git.kernel.org/stable/c/5ed9709d262bf026b2ff64979fbfe0f496287588 https://git.kernel.org/stable/c/6d1e53f7f181a11a8a343def1e0d0209905b7c64 https://git.kernel.org/stable/c/79b8eae24b7ee157bda07695d802be8576983fa8 https://git.kernel.org/stable/c/d99733ad47a6c990b52e136608455643bfa708f2 https://git.kernel.org/stable/c/ea494e8a9852abd0ba60f69b254ce0d7c38449e2 https://git.kernel.org/stable/c/f658d5b528ce97a68efbb64ee54f6fe0909b189a

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-06-18T11:02:39.443Z

Updated: 2025-06-18T11:02:39.443Z

Reserved: 2025-06-18T10:57:27.413Z

Link: CVE-2022-50104

Vulnrichment

No data.

NVD

Status : Awaiting Analysis

Published: 2025-06-18T11:15:39.787

Modified: 2025-06-18T13:47:40.833

Link: CVE-2022-50104

Redhat

Severity : Low

Publid Date: 2025-06-18T00:00:00Z

Links: CVE-2022-50104 - Bugzilla

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object