CVE-2022-49161 in Linux

Summary

by MITRE • 02/26/2025

In the Linux kernel, the following vulnerability has been resolved:

ASoC: mediatek: Fix error handling in mt8183_da7219_max98357_dev_probe

The device_node pointer is returned by of_parse_phandle() with refcount incremented. We should use of_node_put() on it when done.

This function only calls of_node_put() in the regular path. And it will cause refcount leak in error paths. Fix this by calling of_node_put() in error handling too.

Analysis

by VulDB Data Team • 02/26/2025

This vulnerability exists in the Linux kernel's audio subsystem, specifically within the Mediatek audio driver implementation. The issue affects the mt8183_da7219_max98357_dev_probe function, which handles device probing for audio hardware components. The vulnerability represents a resource management flaw that occurs during the device initialization process when parsing device tree properties. The problem stems from improper handling of device node references returned by the of_parse_phandle() function, which increments the reference count of device tree nodes. When the function executes normally, it correctly releases the reference through of_node_put() in the standard execution path. However, during error conditions or early termination scenarios, the function fails to release these references, leading to memory leaks and resource exhaustion.

The technical flaw manifests as a reference counting error that violates fundamental kernel memory management principles. When of_parse_phandle() returns a device_node pointer, it automatically increments the reference count to ensure the node remains valid during the operation. The kernel driver should decrement this reference count when the node is no longer needed, which is accomplished through of_node_put() calls. The current implementation properly releases these references in normal execution paths but omits this cleanup in error handling code paths. This creates a situation where device tree node references accumulate in memory without proper release, leading to resource leaks that can eventually impact system stability and performance. The vulnerability is classified as a resource leak under CWE-404, specifically involving improper resource management and reference counting errors.

The operational impact of this vulnerability extends beyond simple memory consumption issues to potentially affect system reliability and long-term stability. In embedded systems and mobile devices running Linux kernels with Mediatek audio hardware, this leak can accumulate over time and eventually cause memory pressure that impacts audio subsystem performance or even system crashes. The vulnerability is particularly concerning in resource-constrained environments where memory management is critical. Attackers could potentially exploit this leak to cause denial of service conditions by triggering multiple error paths in the audio driver, leading to progressive memory exhaustion. The issue affects devices using the mt8183_da7219_max98357 audio codec configuration, commonly found in various smartphones, tablets, and embedded systems utilizing Mediatek SoCs.

Mitigation strategies for this vulnerability involve implementing proper error handling patterns that ensure all acquired references are released regardless of execution path. The fix requires modifying the driver code to add of_node_put() calls in all error handling branches, ensuring that device node references are properly decremented in both success and failure scenarios. System administrators should ensure their kernels are updated to versions containing this fix, particularly in production environments where audio subsystem reliability is critical. Monitoring tools should be implemented to detect memory leaks in audio subsystems, and regular system audits should verify proper resource management in kernel drivers. The fix aligns with ATT&CK technique T1070.004 for Indicator Removal on Host, as it addresses improper resource handling that could be exploited to hide system degradation or create persistent resource exhaustion conditions. This vulnerability demonstrates the importance of comprehensive error handling in kernel drivers and the critical need for thorough testing of all code paths including error conditions.
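The leak and the shape of its fix, modelled in user space as an added example; this is not the driver's code or the upstream patch. `model_node`, `model_parse_phandle`, `model_node_put`, the two probe functions and `refs_left` are hypothetical stand-ins, and the single failing setup step is an assumption.

```c
#include <errno.h>
#include <stdio.h>
/* User-space model (assumed names) of of_parse_phandle() / of_node_put(). */
struct model_node { int refcount; };
static struct model_node *model_parse_phandle(struct model_node *n)
{
    n->refcount++;              /* caller now owns one reference */
    return n;
}
static void model_node_put(struct model_node *n) { n->refcount--; }

/* Before: the reference is dropped only on the regular path. */
static int probe_leaky(struct model_node *target, int step_fails)
{
    struct model_node *np = model_parse_phandle(target);
    if (step_fails)
        return -ENOMEM;         /* early return: np is never put */
    model_node_put(np);
    return 0;
}

/* After: every exit taken while the reference is held reaches the put. */
static int probe_fixed(struct model_node *target, int step_fails)
{
    struct model_node *np = model_parse_phandle(target);
    int ret = 0;
    if (step_fails) {
        ret = -ENOMEM;
        goto put_node;
    }
    /* regular path: remaining setup would run here */
put_node:
    model_node_put(np);
    return ret;
}

/* Refcount left on a node (initially 1) after `attempts` failing probes. */
static int refs_left(int (*probe)(struct model_node *, int), int attempts)
{
    struct model_node node = { .refcount = 1 };
    for (int i = 0; i < attempts; i++)
        probe(&node, 1);
    return node.refcount;
}

int main(void)
{
    printf("leaky=%d fixed=%d\n", refs_left(probe_leaky, 5), refs_left(probe_fixed, 5));
    return 0;
}
```

Each failing call to the leaky variant leaves one extra reference on the node, so the count grows with the number of failed probes, while the fixed variant returns the node to its starting count on both paths.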

Responsible

Linux

Reservation

02/26/2025

Disclosure

02/26/2025

Moderation

accepted

CPE

ready

EPSS

0.00205

KEV

no

Activities

very low

Sources
