U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

CVE-2022-49011 Detail

Description

In the Linux kernel, the following vulnerability has been resolved: hwmon: (coretemp) fix pci device refcount leak in nv1a_ram_new() As comment of pci_get_domain_bus_and_slot() says, it returns a pci device with refcount increment, when finish using it, the caller must decrement the reference count by calling pci_dev_put(). So call it after using to avoid refcount leak.


Metrics

NVD enrichment efforts reference publicly available information to associate vector strings. CVSS information contributed by other sources is also displayed.
CVSS 4.0 Severity and Vector Strings:

NIST CVSS score
NIST: NVD
N/A
NVD assessment not yet provided.

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

Hyperlink Resource
https://git.kernel.org/stable/c/0dd1da5a15eeecb2fe4cf131b3216fb455af783c Patch 
https://git.kernel.org/stable/c/2f74cffc7c85f770b1b1833dccb03b8cde3be102 Patch 
https://git.kernel.org/stable/c/6e035d5a2a6b907cfce9a80c5f442c2e459cd34e Patch 
https://git.kernel.org/stable/c/7dec14537c5906b8bf40fd6fd6d9c3850f8df11d Patch 
https://git.kernel.org/stable/c/bb75a0d1223d43f97089841aecb28a9b4de687a9 Patch 
https://git.kernel.org/stable/c/c40db1e5f316792b557d2be37e447c20d9ac4635 Patch 
https://git.kernel.org/stable/c/ea5844f946b1ec5c0b7c115cd7684f34fd48021b Patch 
https://git.kernel.org/stable/c/f598da27acbeee414679cacd14294db3e273e3d2 Patch 

Weakness Enumeration

CWE-ID CWE Name Source
CWE-401 Missing Release of Memory after Effective Lifetime cwe source acceptance level NIST  

Known Affected Software Configurations Switch to CPE 2.2

CPEs loading, please wait.

Denotes Vulnerable Software
Are we missing a CPE here? Please let us know.

Change History

2 change records found show changes

Quick Info

CVE Dictionary Entry:
CVE-2022-49011
NVD Published Date:
10/21/2024
NVD Last Modified:
10/24/2024
Source:
kernel.org