Skip to main content

Early Access — Mondoo Vulnerability Intelligence is currently in preview.

Mondoo Vulnerability Intelligence

Curated by Mondoo Research, enhanced with AI

Resources

Search Vulnerabilities
Trending CVEs
Browse Ecosystems
Terminology
Blog

Open Source

cnquery
cnspec

Star us on GitHub!

Company

Mondoo Platform
About
Contact

© 2026 Mondoo, Inc.

Privacy Policy Terms of Service Imprint

Vulnerability Intelligence

CVE-2022-49437 | Mondoo Vulnerability Intelligence

CVE-2022-49437

MEDIUM5.5

powerpc/xive: Fix refcount leak in xive_spapr_init

Published Feb 26, 2025

Modified 3 months ago

No fix available

Details

In the Linux kernel, the following vulnerability has been resolved:

powerpc/xive: Fix refcount leak in xive_spapr_init

of_find_compatible_node() returns a node pointer with refcount incremented, we should use of_node_put() on it when done. Add missing of_node_put() to avoid refcount leak.

References

WEBhttps://git.kernel.org/stable/c/1d1fb9618bdd5a5fbf9a9eb75133da301d33721c WEBhttps://git.kernel.org/stable/c/65f11ccdd746e0e7f0b469cc989ba43d4f30ecfe WEBhttps://git.kernel.org/stable/c/6e806485d851986a2445267608f27cb4ba2ed774 WEBhttps://git.kernel.org/stable/c/cc62dde2a5f4ba14016fd9caec76f08d388f4b9c ADVISORYhttps://www.cve.org/CVERecord?id=CVE-2022-49437

CVSS Analysis

CVSS v3.1

5.5

Exploitability

Attack Vector

LocalAV:L

Attack Complexity

LowAC:L

Privileges Required

LowPR:L

User Interaction

NoneUI:N

Scope

Scope

UnchangedS:U

Impact

Confidentiality

NoneC:N

Integrity

NoneI:N

Availability

HighA:H

5.5/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Ecosystems

Timeline

PublishedFeb 26, 2025

ModifiedOct 1, 2025