CVE-2022-50249 in Linux

Summary

by MITRE • 09/15/2025

In the Linux kernel, the following vulnerability has been resolved:

memory: of: Fix refcount leak bug in of_get_ddr_timings()

We should add the of_node_put() when breaking out of for_each_child_of_node() as it will automatically increase and decrease the refcount.


Analysis

by VulDB Data Team • 01/10/2026

The vulnerability identified as CVE-2022-50249 represents a critical reference count leak in the Linux kernel's device tree subsystem, specifically within the of_get_ddr_timings() function. This issue resides in the memory management layer of the kernel where device tree nodes are processed to extract DDR timing information for memory controllers. The flaw manifests when iterating through child nodes of a device tree node using the for_each_child_of_node() macro, which automatically increments reference counts for each node encountered during traversal. The vulnerability occurs because the code fails to properly decrement these reference counts when exiting the loop prematurely through a break statement, leading to a memory leak where nodes remain allocated in memory even though they are no longer needed by the calling function.

The technical implementation of this vulnerability stems from improper handling of device tree node reference counting mechanisms within the kernel's device tree core functionality. When for_each_child_of_node() processes child nodes, it automatically calls of_node_get() to increment the reference count of each node, ensuring the node remains valid during processing. However, when the loop terminates early due to a break condition, the corresponding of_node_put() calls are not executed to decrement these reference counts. This creates a scenario where nodes remain in memory indefinitely, consuming kernel memory resources and potentially leading to memory exhaustion under sustained load conditions. The vulnerability affects systems utilizing device tree-based memory controller configurations, particularly those implementing DDR memory timing parameters through device tree nodes.

The operational impact of CVE-2022-50249 extends beyond simple memory consumption issues, potentially affecting system stability and performance across embedded systems, servers, and desktop platforms that rely on device tree configurations for memory management. Systems running with high memory pressure or those performing frequent device tree traversals may experience progressive memory degradation, ultimately leading to system instability or denial of service conditions. The vulnerability is particularly concerning in embedded environments where memory resources are constrained and the kernel's memory management must operate efficiently. Attackers could potentially exploit this memory leak by repeatedly triggering the affected code path, causing progressive memory exhaustion that impacts system responsiveness and overall operational integrity.

Mitigation strategies for CVE-2022-50249 require immediate kernel updates to address the reference count management issue within the device tree subsystem. System administrators should prioritize applying security patches that ensure proper of_node_put() calls are executed even when breaking out of for_each_child_of_node() loops. Additionally, monitoring systems should be implemented to track memory usage patterns and identify potential memory leaks in kernel space operations. The fix involves adding explicit of_node_put() calls at break points within the affected code to balance the automatic reference count increments. This vulnerability aligns with CWE-404, which addresses improper resource release or unbalanced resource management, and could potentially be leveraged by adversaries following ATT&CK technique T1499.001 for resource exhaustion attacks. Organizations should also consider implementing kernel memory monitoring tools to detect similar reference counting issues and maintain updated security patches to prevent exploitation of such memory management vulnerabilities in production environments.
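The reference-count behaviour described above, as an added example that is not kernel code and not taken from the upstream patch. It is a userspace model: `struct node`, `node_get()`, `node_put()`, `next_child()`, `for_each_child()`, `scan()` and `leaked_refs()` are hypothetical stand-ins for the kernel's device-tree helpers, and the three-child tree is constructed sample data.

```c
#include <stdio.h>

/* Userspace model of device-tree node refcounting; not kernel code. */
struct node { int refcount; struct node *child, *sibling; };
static struct node *node_get(struct node *n) { if (n) n->refcount++; return n; }
static void node_put(struct node *n) { if (n) n->refcount--; }

/* Like of_get_next_child(): take a ref on the next child, drop prev's. */
static struct node *next_child(struct node *parent, struct node *prev)
{
    struct node *next = node_get(prev ? prev->sibling : parent->child);
    node_put(prev);
    return next;
}

#define for_each_child(parent, c) \
    for (c = next_child(parent, NULL); c; c = next_child(parent, c))

/* Walk the children and stop early at `stop` (NULL: walk to the end). */
static void scan(struct node *parent, struct node *stop, int put_on_break)
{
    struct node *c;
    for_each_child(parent, c)
        if (c == stop) {
            if (put_on_break)
                node_put(c); /* the fix: balance the iterator's get */
            break;           /* without it, c keeps one extra reference */
        }
}

/* Constructed tree of one parent and three children. Returns the references
 * still held on the children after `runs` scans stopping at child `idx`. */
static int leaked_refs(int put_on_break, int idx, int runs)
{
    struct node kids[3] = { {1, NULL, &kids[1]}, {1, NULL, &kids[2]}, {1, NULL, NULL} };
    struct node parent = {1, &kids[0], NULL};
    int i, leaked = 0;
    for (i = 0; i < runs; i++)
        scan(&parent, idx < 0 ? NULL : &kids[idx], put_on_break);
    for (i = 0; i < 3; i++)
        leaked += kids[i].refcount - 1;
    return leaked;
}

int main(void)
{
    printf("unfixed: %d leaked, fixed: %d leaked\n", leaked_refs(0, 1, 5), leaked_refs(1, 1, 5));
    return 0;
}
```

A walk that runs to completion leaks nothing in this model, because the iterator drops the last child's reference itself; only the early exit leaves a reference held, one per call.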

Responsible

Linux

Reservation

09/15/2025

Disclosure

09/15/2025

Moderation

accepted

CPE

ready

EPSS

0.00149

KEV

no

Activities

very low
