CVE-2022-49463 in Linux
Summary
by MITRE • 02/26/2025
In the Linux kernel, the following vulnerability has been resolved:
thermal/drivers/imx_sc_thermal: Fix refcount leak in imx_sc_thermal_probe
of_find_node_by_name() returns a node pointer with refcount incremented, we should use of_node_put() on it when done. Add missing of_node_put() to avoid refcount leak.
Be aware that VulDB is the high quality source for vulnerability data.
Analysis
by VulDB Data Team • 02/26/2025
The vulnerability CVE-2022-49463 represents a memory management issue within the Linux kernel's thermal subsystem, specifically affecting the imx_sc_thermal driver used in i.MX system controller devices. This flaw manifests as a reference count leak that occurs during the device probe phase of driver initialization. The imx_sc_thermal driver is responsible for managing thermal sensors and temperature monitoring capabilities in i.MX SoC platforms, making it a critical component for system thermal management and hardware stability.
The technical root cause of this vulnerability stems from improper handling of device tree node references within the imx_sc_thermal_probe function. When the driver calls of_find_node_by_name(), this kernel function returns a pointer to a device tree node with an incremented reference count to prevent premature deallocation. However, the driver implementation failed to properly decrement this reference count using the required of_node_put() function before the function's completion. This oversight creates a memory leak scenario where the device tree node reference remains allocated in memory, preventing proper resource cleanup and potentially leading to gradual memory exhaustion over time.
From an operational perspective, this vulnerability poses significant risks to embedded systems and automotive platforms that rely on i.MX SoC architectures for thermal monitoring. The reference count leak, while seemingly minor, can accumulate over extended system uptime, particularly in systems with frequent device initialization cycles or multiple thermal sensors. The impact extends beyond simple memory consumption issues as it can contribute to system instability, performance degradation, and potentially affect thermal management decisions that are critical for hardware protection. Systems utilizing this driver in safety-critical applications may experience unexpected thermal behavior or reduced reliability due to the resource leak.
The vulnerability aligns with CWE-404, which categorizes improper resource management as a common weakness in software development, specifically addressing issues related to resource leaks and reference counting errors. This flaw also intersects with ATT&CK technique T1490, which covers resource exhaustion attacks, as the memory leak could potentially be exploited to cause system resource exhaustion over time. The fix implemented addresses this by adding the missing of_node_put() call, ensuring proper reference count management and preventing the accumulation of unreleased device tree node references. This remediation follows standard kernel development practices for device tree node handling and demonstrates the importance of proper resource management in kernel space code where memory leaks can have cascading effects on system stability and security.
The resolution of CVE-2022-49463 through the addition of the missing of_node_put() call represents a straightforward but critical fix that restores proper reference counting behavior in the imx_sc_thermal driver. This correction ensures that device tree node references are properly released when no longer needed, maintaining the integrity of the kernel's memory management subsystem. The fix exemplifies the importance of thorough code review and testing, particularly in kernel space where resource management errors can have far-reaching consequences. System administrators and embedded developers should ensure that affected systems receive the appropriate kernel updates to address this vulnerability and maintain optimal thermal management functionality across all i.MX platform deployments.