{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2022-50176", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-06-18T10:57:27.427Z", "datePublished": "2025-06-18T11:03:26.972Z", "dateUpdated": "2026-05-11T19:14:17.106Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2026-05-11T19:14:17.106Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/mcde: Fix refcount leak in mcde_dsi_bind\n\nEvery iteration of for_each_available_child_of_node() decrements\nthe reference counter of the previous node. There is no decrement\nwhen break out from the loop and results in refcount leak.\nAdd missing of_node_put() to fix this."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/gpu/drm/mcde/mcde_dsi.c"], "versions": [{"version": "5fc537bfd00033a3f813330175f7f12c25957ebf", "lessThan": "87c35bbefdfa3c5edfb8c80f5c04717aaacc629d", "status": "affected", "versionType": "git"}, {"version": "5fc537bfd00033a3f813330175f7f12c25957ebf", "lessThan": "f57699a9b66ea11f000f56d1f1179059239b8690", "status": "affected", "versionType": "git"}, {"version": "5fc537bfd00033a3f813330175f7f12c25957ebf", "lessThan": "3123ae6fdd4013d24a3a4877084b14e917faae5c", "status": "affected", "versionType": "git"}, {"version": "5fc537bfd00033a3f813330175f7f12c25957ebf", "lessThan": "7214902de5b1fb2b632a7b8b3b9540e41aabab38", "status": "affected", "versionType": "git"}, {"version": "5fc537bfd00033a3f813330175f7f12c25957ebf", "lessThan": "32c827e30bb44ae809950a9efab59e98e44d30e5", "status": "affected", "versionType": "git"}, {"version": "5fc537bfd00033a3f813330175f7f12c25957ebf", "lessThan": "3a149169e4a2f9127022fec6ef5d71b4e804b3b9", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/gpu/drm/mcde/mcde_dsi.c"], "versions": [{"version": "5.3", "status": "affected"}, {"version": "0", "lessThan": "5.3", "status": "unaffected", "versionType": "semver"}, {"version": "5.4.211", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.137", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.61", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.18.18", "lessThanOrEqual": "5.18.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.19.2", "lessThanOrEqual": "5.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.0", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.3", "versionEndExcluding": "5.4.211"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.3", "versionEndExcluding": "5.10.137"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.3", "versionEndExcluding": "5.15.61"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.3", "versionEndExcluding": "5.18.18"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.3", "versionEndExcluding": "5.19.2"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.3", "versionEndExcluding": "6.0"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/87c35bbefdfa3c5edfb8c80f5c04717aaacc629d"}, {"url": "https://git.kernel.org/stable/c/f57699a9b66ea11f000f56d1f1179059239b8690"}, {"url": "https://git.kernel.org/stable/c/3123ae6fdd4013d24a3a4877084b14e917faae5c"}, {"url": "https://git.kernel.org/stable/c/7214902de5b1fb2b632a7b8b3b9540e41aabab38"}, {"url": "https://git.kernel.org/stable/c/32c827e30bb44ae809950a9efab59e98e44d30e5"}, {"url": "https://git.kernel.org/stable/c/3a149169e4a2f9127022fec6ef5d71b4e804b3b9"}], "title": "drm/mcde: Fix refcount leak in mcde_dsi_bind", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "DABFD37F-7E0C-41E0-9811-29A4EF9C11FB", "versionEndExcluding": "5.4.211", "versionStartIncluding": "5.3", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "C2BF720F-C5EE-4DE2-9BDF-CE4CFBC767F4", "versionEndExcluding": "5.10.137", "versionStartIncluding": "5.5", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "51861563-7F40-460F-82CD-2D3FBDAD6618", "versionEndExcluding": "5.15.61", "versionStartIncluding": "5.11", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "5B42E453-8837-49D0-A5EF-03F818A6DC11", "versionEndExcluding": "5.18.18", "versionStartIncluding": "5.16", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "A1A2A5A5-4598-4D7E-BA07-4660398D6C8F", "versionEndExcluding": "5.19.2", "versionStartIncluding": "5.19", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/mcde: Fix refcount leak in mcde_dsi_bind\n\nEvery iteration of for_each_available_child_of_node() decrements\nthe reference counter of the previous node. There is no decrement\nwhen break out from the loop and results in refcount leak.\nAdd missing of_node_put() to fix this."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/mcde: Se corrige la fuga de recuento de referencias en mcde_dsi_bind. Cada iteraci\u00f3n de for_each_available_child_of_node() decrementa el contador de referencias del nodo anterior. No se produce decremento al salir del bucle, lo que provoca una fuga de recuento de referencias. Para solucionar esto, se ha a\u00f1adido la funci\u00f3n of_node_put() (faltante)."}], "id": "CVE-2022-50176", "lastModified": "2025-11-25T20:22:31.863", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2025-06-18T11:15:47.993", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/3123ae6fdd4013d24a3a4877084b14e917faae5c"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/32c827e30bb44ae809950a9efab59e98e44d30e5"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/3a149169e4a2f9127022fec6ef5d71b4e804b3b9"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/7214902de5b1fb2b632a7b8b3b9540e41aabab38"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/87c35bbefdfa3c5edfb8c80f5c04717aaacc629d"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/f57699a9b66ea11f000f56d1f1179059239b8690"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: drm/mcde: Fix refcount leak in mcde_dsi_bind", "id": "2373622", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2373622"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "status": "draft"}, "cwe": "CWE-402", "details": ["In the Linux kernel, the following vulnerability has been resolved:\ndrm/mcde: Fix refcount leak in mcde_dsi_bind\nEvery iteration of for_each_available_child_of_node() decrements\nthe reference counter of the previous node. There is no decrement\nwhen break out from the loop and results in refcount leak.\nAdd missing of_node_put() to fix this."], "name": "CVE-2022-50176", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Fix deferred", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Fix deferred", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Fix deferred", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-06-18T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2022-50176\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-50176\nhttps://lore.kernel.org/linux-cve-announce/2025061831-CVE-2022-50176-f05e@gregkh/T"], "threat_severity": "Low"}

{"created": "2025-06-23T08:53:47.101803+00:00", "updated": "2025-06-23T08:53:47.101853+00:00", "vendors": ["linux", "linux$PRODUCT$linux_kernel"]}