Home

Description

In the Linux kernel, the following vulnerability has been resolved: hwrng: geode - Fix PCI device refcount leak for_each_pci_dev() is implemented by pci_get_device(). The comment of pci_get_device() says that it will increase the reference count for the returned pci_dev and also decrease the reference count for the input pci_dev @from if it is not NULL. If we break for_each_pci_dev() loop with pdev not NULL, we need to call pci_dev_put() to decrease the reference count. We add a new struct 'amd_geode_priv' to record pointer of the pci_dev and membase, and then add missing pci_dev_put() for the normal and error path.

PUBLISHED Reserved 2025-12-09 | Published 2025-12-09 | Updated 2025-12-09 | Assigner Linux

Product status

Default status
unaffected

ef5d862734b84239e0140319a95fb0bbff5ef394 (git) before 88f4ea623f59155280d99d1a59a968f838472c4a
affected

ef5d862734b84239e0140319a95fb0bbff5ef394 (git) before e2f44baf62567c5cfbc274974c7d96dddad53ccc
affected

ef5d862734b84239e0140319a95fb0bbff5ef394 (git) before 6b9e43c4098f1310f5b4d52121d007a219fa5d43
affected

ef5d862734b84239e0140319a95fb0bbff5ef394 (git) before 5cc818ad53df650cac8fb41d9066665366af3f03
affected

ef5d862734b84239e0140319a95fb0bbff5ef394 (git) before aa96aff394a511cc7bb7df08d1b8504d4d97671e
affected

ef5d862734b84239e0140319a95fb0bbff5ef394 (git) before 82bd423ed977847652b2048b0f8dcf049b1847a9
affected

ef5d862734b84239e0140319a95fb0bbff5ef394 (git) before 874f798c2db5ad595e46982d7f727a679dacb048
affected

ef5d862734b84239e0140319a95fb0bbff5ef394 (git) before 19b7b85773b18457ff85a9ff4f5e2a2d4bf7ed0c
affected

ef5d862734b84239e0140319a95fb0bbff5ef394 (git) before 9f6ec8dc574efb7f4f3d7ee9cd59ae307e78f445
affected

Default status
affected

2.6.18
affected

Any version before 2.6.18
unaffected

4.9.337 (semver)
unaffected

4.14.303 (semver)
unaffected

4.19.270 (semver)
unaffected

5.4.229 (semver)
unaffected

5.10.163 (semver)
unaffected

5.15.86 (semver)
unaffected

6.0.16 (semver)
unaffected

6.1.2 (semver)
unaffected

6.2 (original_commit_for_fix)
unaffected

References

git.kernel.org/...c/88f4ea623f59155280d99d1a59a968f838472c4a

git.kernel.org/...c/e2f44baf62567c5cfbc274974c7d96dddad53ccc

git.kernel.org/...c/6b9e43c4098f1310f5b4d52121d007a219fa5d43

git.kernel.org/...c/5cc818ad53df650cac8fb41d9066665366af3f03

git.kernel.org/...c/aa96aff394a511cc7bb7df08d1b8504d4d97671e

git.kernel.org/...c/82bd423ed977847652b2048b0f8dcf049b1847a9

git.kernel.org/...c/874f798c2db5ad595e46982d7f727a679dacb048

git.kernel.org/...c/19b7b85773b18457ff85a9ff4f5e2a2d4bf7ed0c

git.kernel.org/...c/9f6ec8dc574efb7f4f3d7ee9cd59ae307e78f445

cve.org (CVE-2022-50659)

nvd.nist.gov (CVE-2022-50659)

Download JSON