CVE-2022-50572

medium

Description

In the Linux kernel, the following vulnerability has been resolved: ASoC: audio-graph-card: fix refcount leak of cpu_ep in __graph_for_each_link() The of_get_next_child() returns a node with refcount incremented, and decrements the refcount of prev. So in the error path of the while loop, of_node_put() needs be called for cpu_ep.

References

https://git.kernel.org/stable/c/ed1376f771404917c2ec3ebc617431ec01146134

https://git.kernel.org/stable/c/8ab2d12c726f0fde0692fa5d81d8019b3dcd62d0

https://git.kernel.org/stable/c/85eb5c952b7fe2d2059beaa4a4dd26688b25547b

https://git.kernel.org/stable/c/4cc8431ec77a43ea106d8bde0860c61cfdda1cd0

https://git.kernel.org/stable/c/49dad92af6892f46851af989ef3aa7cd7316c389

https://git.kernel.org/stable/c/06c9d468c06806dab752eb8e72addbf3792c1023

Details

Source: Mitre, NVD

Published: 2025-10-22

Updated: 2025-10-22

Risk Information

CVSS v2

Base Score: 4.6

Vector: CVSS2#AV:L/AC:L/Au:S/C:N/I:N/A:C

Severity: Medium

CVSS v3

Base Score: 5.5

Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Severity: Medium

EPSS

EPSS: 0.00024