CVE-2022-48973

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue is related to a PCI device reference count leak in the Linux kernel's gpio component, specifically in the amd8111 driver. The problem arises from the incorrect handling of errors in the ioport unmap() and amd gpio exit() functions in drivers/gpio/gpio-amd8111.c. This can potentially allow an attacker to cause a denial of service. The vulnerability is resolved by adding a missing pci dev put() call after the 'out' label and in the amd gpio exit() function to properly decrease the reference count.

Recommendations To resolve the issue, apply the fix that adds the missing pci dev put() call after the 'out' label and in the amd gpio exit() function. As a temporary workaround, consider restricting access to the vulnerable amd8111 driver to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.