CVE-2022-49150 in Linux
Summary
by MITRE • 02/26/2025
In the Linux kernel, the following vulnerability has been resolved:
rtc: gamecube: Fix refcount leak in gamecube_rtc_read_offset_from_sram
The of_find_compatible_node() function returns a node pointer with refcount incremented. We should use of_node_put() on it when done. Add the missing of_node_put() to release the refcount.
Analysis
by VulDB Data Team • 02/26/2025
The vulnerability CVE-2022-49150 represents a memory management issue within the Linux kernel's real-time clock implementation for GameCube hardware platforms. This flaw exists in the rtc gamecube driver component which handles communication with the hardware RTC device. The vulnerability manifests as a reference count leak that occurs during the execution of the gamecube_rtc_read_offset_from_sram function. The root cause stems from improper handling of device tree node references, specifically within the function that processes RTC offset data from system memory.
The technical flaw involves the incorrect management of reference counts for device tree nodes obtained through the of_find_compatible_node() API call. This kernel function returns a pointer to a device tree node with its reference count incremented to indicate that the node is in use. When the function completes its operation and no longer requires access to the node, the reference count must be decremented using the of_node_put() function to properly release the node back to the system. The absence of this cleanup operation results in a memory leak where the reference count remains incremented indefinitely.
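The leak pattern described above and its correction, modelled in userspace C so the reference count can be observed; this is an added example, not the driver's code or the upstream patch. The `device_node` struct, the stand-ins for `of_find_compatible_node()` and `of_node_put()`, the `use_node()` helper and the `example,sram` compatible string are assumptions constructed for the illustration.

```c
#include <stdio.h>
#include <string.h>
/* Userspace stand-ins for the kernel device-tree API (real one: <linux/of.h>). */
struct device_node { const char *compatible; int refcount; };
static struct device_node sram = { "example,sram", 1 };  /* constructed node */

/* Like the kernel call, returns the node with its refcount incremented. */
static struct device_node *of_find_compatible_node(struct device_node *from,
        const char *type, const char *compat)
{
    (void)from; (void)type;              /* unused in this model */
    if (strcmp(sram.compatible, compat) != 0)
        return NULL;
    sram.refcount++;
    return &sram;
}

static void of_node_put(struct device_node *np) { if (np) np->refcount--; }
/* Hypothetical stand-in for the work done with the node; it can fail. */
static int use_node(struct device_node *np, int fail) { (void)np; return fail ? -1 : 0; }

/* Leaky shape: neither the error nor the success path drops the reference. */
int read_offset_leaky(int fail)
{
    struct device_node *np = of_find_compatible_node(NULL, NULL, "example,sram");
    if (!np)
        return -1;
    return use_node(np, fail);
}

/* Corrected shape: put the node right after its last use, so every exit is balanced. */
int read_offset_fixed(int fail)
{
    struct device_node *np = of_find_compatible_node(NULL, NULL, "example,sram");
    if (!np)
        return -1;
    int ret = use_node(np, fail);
    of_node_put(np);
    return ret;
}

int node_refcount(void) { return sram.refcount; }

int main(void)
{
    for (int i = 0; i < 4; i++) read_offset_leaky(i & 1);
    for (int i = 0; i < 4; i++) read_offset_fixed(i & 1);
    printf("refcount after 4 leaky + 4 fixed calls: %d (started at 1)\n", node_refcount());
    return 0;
}
```

Each leaky call leaves the count one higher whether or not the work on the node succeeds, while the corrected shape returns it to its starting value on both paths.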
The operational impact of this vulnerability extends beyond simple memory consumption issues. While the leak may appear minor in individual instances, it can accumulate over time and potentially lead to system instability or resource exhaustion on embedded systems with limited memory resources. The vulnerability affects Linux systems running on GameCube hardware platforms that utilize the RTC driver, particularly those implementing device tree based hardware configuration. This type of memory leak can be exploited by malicious actors to cause denial of service conditions through gradual resource depletion, or it may serve as an indicator of broader memory management issues within the kernel's device tree subsystem.
The vulnerability aligns with CWE-404, which categorizes improper resource management issues in software systems. It also demonstrates characteristics consistent with ATT&CK technique T1490, which involves resource exhaustion attacks that can be facilitated by memory leaks in kernel modules. Proper mitigation requires the implementation of correct reference counting practices throughout the kernel's device tree node handling code. System administrators should ensure that all kernel updates are applied promptly, as this vulnerability was resolved through the addition of the missing of_node_put() call in the affected code path. The fix ensures proper cleanup of device tree node references and prevents the accumulation of unreleased references that could eventually impact system performance or stability.