PT-2025-26035 · Linux+2 · Linux Kernel+2

Published

2022-07-19

Updated

2025-07-28

CVE-2022-50109

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A refcount leak bug has been identified in the Linux kernel, specifically in the amba-clcd driver. The issue arises from the failure to call of node put() for references returned by of graph get next endpoint() and of graph get remote port parent(), which increases the refcount. This bug is resolved by ensuring of node put() is called in both the fail path and when the references are no longer needed.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-911CWE-664

Related Identifiers

BDU:2026-03470

CVE-2022-50109

OESA-2025-1666

SUSE-SU-2025:02264-1

SUSE-SU-2025:02308-1

SUSE-SU-2025:02320-1

SUSE-SU-2025:02321-1

SUSE-SU-2025:02322-1

SUSE-SU-2025:02334-1

SUSE-SU-2025:02537-1

SUSE-SU-2025:2264-1

SUSE-SU-2025_02264-1

SUSE-SU-2025_02308-1

SUSE-SU-2025_02334-1

SUSE-SU-2025_02537-1

Affected Products

Astra Linux

Linux Kernel

Suse

PT-2025-26035 · Linux+2 · Linux Kernel+2

CVE-2022-50109

Weakness Enumeration

Related Identifiers

Affected Products

References · 748