CVE-2022-50458 - Vulnerability Details

- clk: tegra: Fix refcount leak in tegra210_clock_init

Description

In the Linux kernel, the following vulnerability has been resolved:

clk: tegra: Fix refcount leak in tegra210_clock_init

of_find_matching_node() returns a node pointer with refcount
incremented, we should use of_node_put() on it when not need anymore.
Add missing of_node_put() to avoid refcount leak.

Published: 2025-10-01

Score: 5.5 Medium

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Linux

unaffected

Version	Status	Constraints
`6b301a059eb2ebed1b12a900e3b21a38e48dd410`	affected	< a19360db83d29bd6b0de4ffad2c815d79246ba99
`6b301a059eb2ebed1b12a900e3b21a38e48dd410`	affected	< e715510adc20a4a07f157ece4e6d068e648a0383
`6b301a059eb2ebed1b12a900e3b21a38e48dd410`	affected	< ac010ec3484ba95c6ab3d946f9a83560005c13c6
`6b301a059eb2ebed1b12a900e3b21a38e48dd410`	affected	< 6d3ac23b952f374017e1a5249d1f03bdbc7f9878
`6b301a059eb2ebed1b12a900e3b21a38e48dd410`	affected	< f487137a53b1a0692211f7ae82c0a7f87c30bdbe
`6b301a059eb2ebed1b12a900e3b21a38e48dd410`	affected	< 417ed4432b1b40526b1cb50e535d46900505f6d9
`6b301a059eb2ebed1b12a900e3b21a38e48dd410`	affected	< 1a6d97139b0a370a9d0809a00e91c41f5bcd3ef1
`6b301a059eb2ebed1b12a900e3b21a38e48dd410`	affected	< f38f34ba1e1029b927b81b9bf9d952f4ed4007bd
`6b301a059eb2ebed1b12a900e3b21a38e48dd410`	affected	< 56c78cb1f00a9dde8cd762131ce8f4c5eb046fbb

Linux

affected

Version	Status	Constraints
`4.5`	affected	—
`0`	unaffected	< 4.5
`4.9.331`	unaffected	≤ 4.9.*
`4.14.296`	unaffected	≤ 4.14.*
`4.19.262`	unaffected	≤ 4.19.*
`5.4.220`	unaffected	≤ 5.4.*
`5.10.150`	unaffected	≤ 5.10.*
`5.15.75`	unaffected	≤ 5.15.*
`5.19.17`	unaffected	≤ 5.19.*
`6.0.3`	unaffected	≤ 6.0.*
`6.1`	unaffected	≤ *

Configuration 1 [-]

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::

No data.

Vendor	Product	Confidence	Versions
Linux	Linux Kernel	—	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No vendor fix or workaround currently provided.

Additional remediation guidance may be available on OpenCVE Cloud.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00016.

Key SSVC decision points have not yet been added.

References

Link	Providers
https://git.kernel.org/stable/c/1a6d97139b0a370a9d0809a00e91c41f5bcd3ef1
https://git.kernel.org/stable/c/417ed4432b1b40526b1cb50e535d46900505f6d9
https://git.kernel.org/stable/c/56c78cb1f00a9dde8cd762131ce8f4c5eb046fbb
https://git.kernel.org/stable/c/6d3ac23b952f374017e1a5249d1f03bdbc7f9878
https://git.kernel.org/stable/c/a19360db83d29bd6b0de4ffad2c815d79246ba99
https://git.kernel.org/stable/c/ac010ec3484ba95c6ab3d946f9a83560005c13c6
https://git.kernel.org/stable/c/e715510adc20a4a07f157ece4e6d068e648a0383
https://git.kernel.org/stable/c/f38f34ba1e1029b927b81b9bf9d952f4ed4007bd
https://git.kernel.org/stable/c/f487137a53b1a0692211f7ae82c0a7f87c30bdbe
https://lore.kernel.org/linux-cve-announce/2025100119-CVE-2022-50458-4fa8@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2022-50458
https://www.cve.org/CVERecord?id=CVE-2022-50458

History

Fri, 16 Jan 2026 19:30:00 +0000

Type	Values Removed	Values Added
Weaknesses		NVD-CWE-Other
CPEs		cpe:2.3:o:linux:linux_kernel::::::::

Thu, 02 Oct 2025 09:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Linux Linux linux Kernel
Vendors & Products		Linux Linux linux Kernel

Thu, 02 Oct 2025 00:15:00 +0000

Type	Values Removed	Values Added
References		https://lore.kernel.org/linux-cve-announce/2025100119-CVE-2022-50458-4fa8@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2022-50458 https://www.cve.org/CVERecord?id=CVE-2022-50458
Metrics	threat_severity `None`	cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}` threat_severity `Low`

Wed, 01 Oct 2025 12:00:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: clk: tegra: Fix refcount leak in tegra210_clock_init of_find_matching_node() returns a node pointer with refcount incremented, we should use of_node_put() on it when not need anymore. Add missing of_node_put() to avoid refcount leak.
Title		clk: tegra: Fix refcount leak in tegra210_clock_init
References		https://git.kernel.org/stable/c/1a6d97139b0a370a9d0809a00e91c41f5bcd3ef1 https://git.kernel.org/stable/c/417ed4432b1b40526b1cb50e535d46900505f6d9 https://git.kernel.org/stable/c/56c78cb1f00a9dde8cd762131ce8f4c5eb046fbb https://git.kernel.org/stable/c/6d3ac23b952f374017e1a5249d1f03bdbc7f9878 https://git.kernel.org/stable/c/a19360db83d29bd6b0de4ffad2c815d79246ba99 https://git.kernel.org/stable/c/ac010ec3484ba95c6ab3d946f9a83560005c13c6 https://git.kernel.org/stable/c/e715510adc20a4a07f157ece4e6d068e648a0383 https://git.kernel.org/stable/c/f38f34ba1e1029b927b81b9bf9d952f4ed4007bd https://git.kernel.org/stable/c/f487137a53b1a0692211f7ae82c0a7f87c30bdbe

Subscriptions

Linux Linux Kernel

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-10-01T11:45:30.959Z

Updated: 2026-05-11T19:19:50.687Z

Reserved: 2025-10-01T11:38:45.640Z

Link: CVE-2022-50458

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2025-10-01T12:15:39.123

Modified: 2026-06-17T05:23:35.733

Link: CVE-2022-50458

Redhat

Severity : Low

Publid Date: 2025-10-01T00:00:00Z

Links: CVE-2022-50458 - Bugzilla

OpenCVE Enrichment

Updated: 2025-10-02T08:38:37Z

Weaknesses

NVD-CWE-Other

Tracking

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object