CVE-2022-49718
Linux Debian vulnerability analysis and mitigation

Overview

CVE-2022-49718 is a vulnerability discovered in the Linux kernel affecting the irqchip/apple-aic component. The issue involves a reference count leak in the aicoficinit function. The vulnerability was introduced through a missing ofnodeput() call after using ofgetchildby_name(), which returns a node pointer with an incremented reference count (Kernel Git).

Technical details

The vulnerability stems from a reference count leak in the Linux kernel's Apple Interrupt Controller (AIC) driver. Specifically, the aicoficinit function failed to properly release the reference count on a device tree node obtained through ofgetchildbyname(). This was fixed by adding a missing ofnode_put(affs) call to properly release the reference count. The fix was implemented in commit 3d45670fab3c25a7452721e4588cc95c51cda134 (Kernel Git).

Impact

The reference count leak could potentially lead to memory resource exhaustion over time as system resources are not properly freed. This affects systems using the Apple Interrupt Controller driver in the Linux kernel (Debian Tracker).

Mitigation and workarounds

The vulnerability has been fixed in Linux kernel version 5.19-rc3 through the addition of the missing ofnodeput() call. Users should upgrade to a patched kernel version that includes the fix. For Debian systems, fixed versions are available in bullseye (5.10.234-1) and bookworm (6.1.129-1) (Debian Tracker).

Additional resources


SourceThis report was generated using AI

Free Vulnerability Assessment

Benchmark your Cloud Security Posture

Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.

Request assessment

Get a personalized demo

Ready to see Wiz in action?

"Best User Experience I have ever seen, provides full visibility to cloud workloads."
David EstlickCISO
"Wiz provides a single pane of glass to see what is going on in our cloud environments."
Adam FletcherChief Security Officer
"We know that if Wiz identifies something as critical, it actually is."
Greg PoniatowskiHead of Threat and Vulnerability Management