CVE-2022-49000

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix PCI device refcount leak in has_external_pci() for_each_pci_dev() is implemented by pci_get_device(). The comment of pci_get_device() says that it will increase the reference count for the returned pci_dev and also decrease the reference count for the input pci_dev @from if it is not NULL. If we break for_each_pci_dev() loop with pdev not NULL, we need to call pci_dev_put() to decrease the reference count. Add the missing pci_dev_put() before 'return true' to avoid reference count leak.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://git.kernel.org/stable/c/10ed7655a17f6a3eaecd1293830488259ccd5723	Patch
https://git.kernel.org/stable/c/17f67414718e6aba123335a33b7d15aa594fff34	Patch
https://git.kernel.org/stable/c/afca9e19cc720bfafc75dc5ce429c185ca93f31d	Patch
https://git.kernel.org/stable/c/b6eea8b2e858a20ad58ac62dc2de90fea2413f94	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:6.1:rc1::::::
	cpe:2.3:o:linux:linux_kernel:6.1:rc2::::::
	cpe:2.3:o:linux:linux_kernel:6.1:rc3::::::
	cpe:2.3:o:linux:linux_kernel:6.1:rc4::::::
	cpe:2.3:o:linux:linux_kernel:6.1:rc5::::::
	cpe:2.3:o:linux:linux_kernel:6.1:rc6::::::
	cpe:2.3:o:linux:linux_kernel:6.1:rc7::::::

History

31 Oct 2024, 14:56

Type	Values Removed	Values Added
CPE		cpe:2.3:o:linux:linux_kernel:6.1:rc3:::::: cpe:2.3:o:linux:linux_kernel:6.1:rc6:::::: cpe:2.3:o:linux:linux_kernel:::::::: cpe:2.3:o:linux:linux_kernel:6.1:rc2:::::: cpe:2.3:o:linux:linux_kernel:6.1:rc5:::::: cpe:2.3:o:linux:linux_kernel:6.1:rc4:::::: cpe:2.3:o:linux:linux_kernel:6.1:rc7:::::: cpe:2.3:o:linux:linux_kernel:6.1:rc1::::::
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.5
First Time		Linux Linux linux Kernel
CWE		NVD-CWE-Other
References	~~() https://git.kernel.org/stable/c/10ed7655a17f6a3eaecd1293830488259ccd5723 -~~	() https://git.kernel.org/stable/c/10ed7655a17f6a3eaecd1293830488259ccd5723 - Patch
References	~~() https://git.kernel.org/stable/c/17f67414718e6aba123335a33b7d15aa594fff34 -~~	() https://git.kernel.org/stable/c/17f67414718e6aba123335a33b7d15aa594fff34 - Patch
References	~~() https://git.kernel.org/stable/c/afca9e19cc720bfafc75dc5ce429c185ca93f31d -~~	() https://git.kernel.org/stable/c/afca9e19cc720bfafc75dc5ce429c185ca93f31d - Patch
References	~~() https://git.kernel.org/stable/c/b6eea8b2e858a20ad58ac62dc2de90fea2413f94 -~~	() https://git.kernel.org/stable/c/b6eea8b2e858a20ad58ac62dc2de90fea2413f94 - Patch

23 Oct 2024, 15:13

Type	Values Removed	Values Added
Summary		(es) En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: iommu/vt-d: Se soluciona la fuga de recuento de referencias del dispositivo PCI en has_external_pci(). for_each_pci_dev() se implementa mediante pci_get_device(). El comentario de pci_get_device() dice que aumentará el recuento de referencias para el pci_dev devuelto y también disminuirá el recuento de referencias para el pci_dev de entrada @from si no es NULL. Si interrumpimos el bucle for_each_pci_dev() con pdev no NULL, debemos llamar a pci_dev_put() para disminuir el recuento de referencias. Agregue el pci_dev_put() faltante antes de 'return true' para evitar la fuga del recuento de referencias.

21 Oct 2024, 20:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-10-21 20:15

Updated : 2024-10-31 14:56

NVD link : CVE-2022-49000

Mitre link : CVE-2022-49000

CVE.ORG link : CVE-2022-49000

JSON object : View

Products Affected

linux

linux_kernel

CWE

NVD-CWE-Other

5.5 /10