CVE-2022-49752: 
Linux Kernel vulnerability analysis and mitigation

In the Linux kernel, a vulnerability (CVE-2022-49752) was discovered related to a node refcount leak in fwnodegraphgetnextendpoint(). The issue involves the 'parent' returned by fwnodegraphgetportparent() with refcount incremented when 'prev' is not NULL, which needs to be put when finished using it. The vulnerability was disclosed on March 27, 2025 (NVD).

The vulnerability stems from a reference counting issue in the device property handling of the Linux kernel. Because the parent is const, a new variable needs to be introduced to store the returned fwnode, then put it before returning from fwnodegraphgetnextendpoint(). This issue affects various Linux kernel versions and has been fixed in multiple distribution-specific kernel versions, including Ubuntu 22.04 LTS (jammy) with version 5.15.0-70.77 (Ubuntu).

The vulnerability affects multiple Linux distributions and their kernel versions, particularly impacting Ubuntu and its derivatives. Several kernel variants including linux-aws, linux-azure, linux-gcp, and others required patches to address this issue (Ubuntu).

The vulnerability has been patched in various Linux distributions. For Ubuntu users, fixes have been released for multiple kernel versions: Ubuntu 22.04 LTS (5.15.0-70.77), AWS kernel (5.15.0-1034.38), Azure kernel (5.15.0-1036.43), and GCP kernel (5.15.0-1032.40) (Ubuntu).