CVE-2022-48859: 
Linux Kernel vulnerability analysis and mitigation

CVE-2022-48859 is a vulnerability in the Linux kernel's Marvell Prestera driver. The issue was discovered in the presteraswitchsetbasemacaddr function where there was a missing ofnode_put() call, leading to a reference count leak. The vulnerability was disclosed on July 16, 2024, affecting the Marvell Prestera family ASIC devices driver in the Linux kernel (Kernel Git).

The vulnerability stems from a missing reference count decrement in the presteraswitchsetbasemacaddr function. Specifically, the node pointer returned by offindcompatiblenode() had its reference count incremented, but the corresponding ofnodeput() call was missing, resulting in a reference count leak. This issue was introduced in commit 501ef3066c89 which added the driver for Prestera family ASIC devices (Kernel Git).

The vulnerability results in a kernel memory leak due to the missing reference count decrement. While the impact is relatively minor, it could potentially lead to resource exhaustion over time if the affected code path is repeatedly executed (Debian Tracker).

The vulnerability has been fixed by adding the missing ofnodeput(np) call in the presteraswitchsetbasemac_addr function. The fix has been incorporated into various Linux kernel versions, including the 5.15 series and later. Users should update their kernel to a patched version (Kernel Git).