CVE-2022-49240 in Linux

Summary

by MITRE • 02/26/2025

In the Linux kernel, the following vulnerability has been resolved:

ASoC: mediatek: mt8195: Fix error handling in mt8195_mt6359_rt1019_rt5682_dev_probe

The device_node pointer is returned by of_parse_phandle() with refcount incremented. We should use of_node_put() on it when done.

This function only calls of_node_put() in the regular path. And it will cause a refcount leak in the error path.


Analysis

by VulDB Data Team • 03/18/2025

The vulnerability CVE-2022-49240 represents a resource management flaw in the Linux kernel's audio subsystem, specifically within the Mediatek audio driver implementation. This issue affects the mt8195_mt6359_rt1019_rt5682_dev_probe function which handles device initialization for audio components on Mediatek SoC platforms. The problem manifests as a reference count leak in error handling paths, which can lead to system instability and resource exhaustion over time. The vulnerability is categorized under CWE-404, which deals with improper resource release or cleanup, and directly impacts the kernel's ability to properly manage device tree node references during audio device initialization processes.

The technical root cause stems from improper handling of device tree node pointers returned by the of_parse_phandle() function. This function increments the reference count of the device node pointer it returns, which is a standard practice in Linux kernel device tree parsing to prevent premature deallocation. However, the affected code calls of_node_put() only in the normal execution path where initialization succeeds, and fails to release the reference in error handling scenarios. When initialization fails, the function returns early without calling of_node_put() on the device node pointer, resulting in a reference count leak that accumulates with each failed initialization attempt.

The operational impact of this vulnerability extends beyond simple resource leak concerns to potentially affect system stability and performance on Mediatek-based devices. The reference count leak can accumulate over time, particularly on systems with frequent audio device initialization attempts or those experiencing repeated hardware detection failures. This can lead to memory pressure conditions where the kernel's device tree subsystem becomes starved of available resources, potentially causing system slowdowns, application crashes, or even complete system lockups. The vulnerability is particularly concerning in embedded systems or mobile devices where resource constraints are more severe and system reliability is paramount.

Mitigation strategies for CVE-2022-49240 involve implementing proper error path handling for device tree node references throughout the affected codebase. The recommended fix requires ensuring that all device node pointers obtained through of_parse_phandle() are properly released via of_node_put() regardless of whether the initialization succeeds or fails. This approach aligns with the ATT&CK framework's defensive techniques for resource management and kernel hardening, specifically addressing the T1547.001 technique related to kernel module manipulation and system stability maintenance. System administrators should ensure their kernels are updated to versions containing the patched implementation, while developers should adopt defensive programming practices that consistently manage reference counts in all code paths to prevent similar issues in other subsystems.
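The leak pattern and the fix described in the analysis above, as an added userspace model in C (not the kernel driver's code and not the upstream patch). `struct node`, `mock_parse_phandle()`, `mock_node_put()`, `mock_register_card()` and both probe functions are hypothetical stand-ins; the mocks imitate only the reference-count behaviour of `of_parse_phandle()` and `of_node_put()`.

```c
#include <errno.h>
#include <stdio.h>
/* Userspace stand-in for struct device_node; only the refcount is modelled. */
struct node { int refcount; };
/* Models of_parse_phandle(): hands back the node with one extra reference. */
static struct node *mock_parse_phandle(struct node *n) { if (n) n->refcount++; return n; }
/* Models of_node_put(): drops one reference; NULL is accepted. */
static void mock_node_put(struct node *n) { if (n) n->refcount--; }
/* Hypothetical later probe step that may fail. */
static int mock_register_card(int fail) { return fail ? -ENODEV : 0; }

/* Before: the reference is released on the regular path only. */
static int probe_leaky(struct node *dt, int fail)
{
    struct node *platform = mock_parse_phandle(dt);
    if (!platform)
        return -EINVAL;
    int ret = mock_register_card(fail);
    if (ret)
        return ret;              /* early return skips the put: leak */
    mock_node_put(platform);
    return 0;
}

/* After: success and failure share one exit that releases the reference. */
static int probe_fixed(struct node *dt, int fail)
{
    struct node *platform = mock_parse_phandle(dt);
    if (!platform)
        return -EINVAL;
    int ret = mock_register_card(fail);
    mock_node_put(platform);     /* reached whether ret is 0 or an error */
    return ret;
}

/* Calls probe n times with the failing step; returns references left over. */
static int leaked_after(int (*probe)(struct node *, int), int n)
{
    struct node dt = { 1 };      /* constructed node, one baseline reference */
    for (int i = 0; i < n; i++)
        probe(&dt, 1);
    return dt.refcount - 1;
}

int main(void)
{
    printf("leaky: %d, fixed: %d\n", leaked_after(probe_leaky, 5), leaked_after(probe_fixed, 5));
    return 0;
}
```

Each failed call to the leaky variant leaves one reference behind, which is the accumulation the analysis describes; the fixed variant returns the count to its baseline on every path.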

Responsible

Linux

Reservation

02/26/2025

Disclosure

02/26/2025

Moderation

accepted

CPE

ready

EPSS

0.00204

KEV

no

Activities

very low
