{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-13T11:25:21.407","vulnerabilities":[{"cve":{"id":"CVE-2022-48961","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2024-10-21T20:15:07.887","lastModified":"2024-10-24T20:02:22.347","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet: mdio: fix unbalanced fwnode reference count in mdio_device_release()\n\nThere is warning report about of_node refcount leak\nwhile probing mdio device:\n\nOF: ERROR: memory leak, expected refcount 1 instead of 2,\nof_node_get()/of_node_put() unbalanced - destroy cset entry:\nattach overlay node /spi/soc@0/mdio@710700c0/ethernet@4\n\nIn of_mdiobus_register_device(), we increase fwnode refcount\nby fwnode_handle_get() before associating the of_node with\nmdio device, but it has never been decreased in normal path.\nSince that, in mdio_device_release(), it needs to call\nfwnode_handle_put() in addition instead of calling kfree()\ndirectly.\n\nAfter above, just calling mdio_device_free() in the error handle\npath of of_mdiobus_register_device() is enough to keep the\nrefcount balanced."},{"lang":"es","value":"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: net: mdio: arregla el recuento de referencias de fwnode no balanceado en mdio_device_release() Hay un informe de advertencia sobre una fuga de recuento de referencias de of_node mientras se sondea el dispositivo mdio: OF: ERROR: fuga de memoria, se esperaba un recuento de referencias de 1 en lugar de 2, of_node_get()/of_node_put() no balanceado - destruye la entrada de cset: adjunta el nodo superpuesto /spi/soc@0/mdio@710700c0/ethernet@4 En of_mdiobus_register_device(), aumentamos el recuento de referencias de fwnode mediante fwnode_handle_get() antes de asociar el of_node con el dispositivo mdio, pero nunca se ha reducido en la ruta normal. Desde entonces, en mdio_device_release(), necesita llamar a fwnode_handle_put() además en lugar de llamar a kfree() directamente. Después de lo anterior, simplemente llamar a mdio_device_free() en la ruta del controlador de errores de of_mdiobus_register_device() es suficiente para mantener el recuento de referencias equilibrado."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.5","versionEndExcluding":"5.15.83","matchCriteriaId":"73BF1A37-67E4-474D-84C2-1BDDFC244D25"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.0.13","matchCriteriaId":"389392A7-81C4-4C26-884B-8C7CF0F53DA4"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.1:rc1:*:*:*:*:*:*","matchCriteriaId":"E7E331DA-1FB0-4DEC-91AC-7DA69D461C11"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.1:rc2:*:*:*:*:*:*","matchCriteriaId":"17F0B248-42CF-4AE6-A469-BB1BAE7F4705"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.1:rc3:*:*:*:*:*:*","matchCriteriaId":"E2422816-0C14-4B5E-A1E6-A9D776E5C49B"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.1:rc4:*:*:*:*:*:*","matchCriteriaId":"1C6E00FE-5FB9-4D20-A1A1-5A32128F9B76"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.1:rc5:*:*:*:*:*:*","matchCriteriaId":"35B26BE4-43A6-4A36-A7F6-5B3F572D9186"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.1:rc6:*:*:*:*:*:*","matchCriteriaId":"3FFFB0B3-930D-408A-91E2-BAE0C2715D80"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.1:rc7:*:*:*:*:*:*","matchCriteriaId":"8535320E-A0DB-4277-800E-D0CE5BBA59E8"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.1:rc8:*:*:*:*:*:*","matchCriteriaId":"21718AA4-4056-40F2-968E-BDAA465A7872"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/16854177745a5648f8ec322353b432e18460f43a","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/a5c6de1a6656b8cc6bce7cb3d9874dd7df4968c3","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/cb37617687f2bfa5b675df7779f869147c9002bd","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}}]}