CVE-2022-49213

ath10k: Fix error handling in ath10k_setup_msa_resources

Severity Score

"-"

*CVSS v-

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

MITRE
PS

In the Linux kernel, the following vulnerability has been resolved: ath10k: Fix error handling in ath10k_setup_msa_resources The device_node pointer is returned by of_parse_phandle() with refcount
incremented. We should use of_node_put() on it when done. This function only calls of_node_put() in the regular path.
And it will cause refcount leak in error path.

The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security bugfixes. The following security bugs were fixed.

*Credits: N/A

CVSS Scores

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2025-02-26 CVE Reserved
2025-02-26 CVE Published
2025-05-04 CVE Updated
2025-06-28 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (6)

URL	Tag	Source
https://git.kernel.org/stable/c/727fec790ead3d75e2735f66209949c2163523ea	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/315772133a4b960859e4f5efe0e738e347188cdc	2022-04-08
https://git.kernel.org/stable/c/32939187f254171a5666badc058bc3787fe454af	2022-04-08
https://git.kernel.org/stable/c/74b1d41e1b6410eed5c76d00eedb262036e9eff5	2022-04-08
https://git.kernel.org/stable/c/4ed37d611ea5d222c3ecb3549e4c2d34b8f3c335	2022-04-08
https://git.kernel.org/stable/c/9747a78d5f758a5284751a10aee13c30d02bd5f1	2022-03-10

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.8 < 5.10.110 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.8 < 5.10.110"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.8 < 5.15.33 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.8 < 5.15.33"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.8 < 5.16.19 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.8 < 5.16.19"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.8 < 5.17.2 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.8 < 5.17.2"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.8 < 5.18 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.8 < 5.18"		en		Affected