CVE-2022-49002

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A reference count leak in the Linux kernel has been identified and resolved. The issue is related to the dmar dev scope init() function in the iommu/vt-d component. The for each pci dev() loop, which is implemented by pci get device(), increases the reference count for the returned pci dev and decreases the reference count for the input pci dev @from if it is not NULL. However, if the loop is broken with pdev not NULL, a call to pci dev put() is required to decrease the reference count, which was missing in the error path. This leak has been fixed by adding the necessary pci dev put() call.

Recommendations To resolve this issue, update the Linux kernel to a version that includes the fix for the reference count leak in dmar dev scope init(). At the moment, there is no information about a newer version that contains a fix for this vulnerability.