CVE-2022-48723 (GCVE-0-2022-48723)

Vulnerability from cvelistv5 – Published: 2024-06-20 11:13 – Updated: 2026-05-11 18:45
VLAI
Title
spi: uniphier: fix reference count leak in uniphier_spi_probe()
Summary
In the Linux kernel, the following vulnerability has been resolved: spi: uniphier: fix reference count leak in uniphier_spi_probe() The issue happens in several error paths in uniphier_spi_probe(). When either dma_get_slave_caps() or devm_spi_register_master() returns an error code, the function forgets to decrease the refcount of both `dma_rx` and `dma_tx` objects, which may lead to refcount leaks. Fix it by decrementing the reference count of specific objects in those error paths.
Severity
No CVSS data available.
Assigner
References
Impacted products
Vendor Product Version
Linux Linux Affected: 28d1dddc59f6b7fc085093e7c1e978b33f0caf4c , < e895e067d73e154b1ebc84a124e00831e311d9b0 (git)
Affected: 28d1dddc59f6b7fc085093e7c1e978b33f0caf4c , < dd00b4f8f768d81c3788a8ac88fdb3d745e55ea3 (git)
Affected: 28d1dddc59f6b7fc085093e7c1e978b33f0caf4c , < 447c3d4046d7b54052d07d8b27e15e6edea5662c (git)
Affected: 28d1dddc59f6b7fc085093e7c1e978b33f0caf4c , < 37c2c83ca4f1ef4b6908181ac98e18360af89b42 (git)
Create a notification for this product.
Linux Linux Affected: 5.6
Unaffected: 0 , < 5.6 (semver)
Unaffected: 5.10.99 , ≤ 5.10.* (semver)
Unaffected: 5.15.22 , ≤ 5.15.* (semver)
Unaffected: 5.16.8 , ≤ 5.16.* (semver)
Unaffected: 5.17 , ≤ * (original_commit_for_fix)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T15:25:00.430Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e895e067d73e154b1ebc84a124e00831e311d9b0"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/dd00b4f8f768d81c3788a8ac88fdb3d745e55ea3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/447c3d4046d7b54052d07d8b27e15e6edea5662c"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/37c2c83ca4f1ef4b6908181ac98e18360af89b42"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-48723",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T17:11:13.006477Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-11T17:34:49.515Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/spi/spi-uniphier.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "e895e067d73e154b1ebc84a124e00831e311d9b0",
              "status": "affected",
              "version": "28d1dddc59f6b7fc085093e7c1e978b33f0caf4c",
              "versionType": "git"
            },
            {
              "lessThan": "dd00b4f8f768d81c3788a8ac88fdb3d745e55ea3",
              "status": "affected",
              "version": "28d1dddc59f6b7fc085093e7c1e978b33f0caf4c",
              "versionType": "git"
            },
            {
              "lessThan": "447c3d4046d7b54052d07d8b27e15e6edea5662c",
              "status": "affected",
              "version": "28d1dddc59f6b7fc085093e7c1e978b33f0caf4c",
              "versionType": "git"
            },
            {
              "lessThan": "37c2c83ca4f1ef4b6908181ac98e18360af89b42",
              "status": "affected",
              "version": "28d1dddc59f6b7fc085093e7c1e978b33f0caf4c",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/spi/spi-uniphier.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.6"
            },
            {
              "lessThan": "5.6",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.99",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.22",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.16.*",
              "status": "unaffected",
              "version": "5.16.8",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.17",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.99",
                  "versionStartIncluding": "5.6",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.22",
                  "versionStartIncluding": "5.6",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.16.8",
                  "versionStartIncluding": "5.6",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.17",
                  "versionStartIncluding": "5.6",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: uniphier: fix reference count leak in uniphier_spi_probe()\n\nThe issue happens in several error paths in uniphier_spi_probe().\nWhen either dma_get_slave_caps() or devm_spi_register_master() returns\nan error code, the function forgets to decrease the refcount of both\n`dma_rx` and `dma_tx` objects, which may lead to refcount leaks.\n\nFix it by decrementing the reference count of specific objects in\nthose error paths."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-11T18:45:42.615Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/e895e067d73e154b1ebc84a124e00831e311d9b0"
        },
        {
          "url": "https://git.kernel.org/stable/c/dd00b4f8f768d81c3788a8ac88fdb3d745e55ea3"
        },
        {
          "url": "https://git.kernel.org/stable/c/447c3d4046d7b54052d07d8b27e15e6edea5662c"
        },
        {
          "url": "https://git.kernel.org/stable/c/37c2c83ca4f1ef4b6908181ac98e18360af89b42"
        }
      ],
      "title": "spi: uniphier: fix reference count leak in uniphier_spi_probe()",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2022-48723",
    "datePublished": "2024-06-20T11:13:13.965Z",
    "dateReserved": "2024-06-20T11:09:39.051Z",
    "dateUpdated": "2026-05-11T18:45:42.615Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2022-48723",
      "date": "2026-05-27",
      "epss": "0.00033",
      "percentile": "0.09917"
    },
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"5.6\", \"versionEndExcluding\": \"5.10.99\", \"matchCriteriaId\": \"B69CC532-C65F-4966-A226-22878B182DF5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"5.11\", \"versionEndExcluding\": \"5.15.22\", \"matchCriteriaId\": \"74528AA6-B524-4C3F-B188-1194235FE47D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"5.16\", \"versionEndExcluding\": \"5.16.8\", \"matchCriteriaId\": \"0623892A-E3E4-44E6-8A5E-39A0B47AF782\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:5.17:rc1:*:*:*:*:*:*\", \"matchCriteriaId\": \"7BD5F8D9-54FA-4CB0-B4F0-CB0471FDDB2D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:5.17:rc2:*:*:*:*:*:*\", \"matchCriteriaId\": \"E6E34B23-78B4-4516-9BD8-61B33F4AC49A\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\nspi: uniphier: fix reference count leak in uniphier_spi_probe()\\n\\nThe issue happens in several error paths in uniphier_spi_probe().\\nWhen either dma_get_slave_caps() or devm_spi_register_master() returns\\nan error code, the function forgets to decrease the refcount of both\\n`dma_rx` and `dma_tx` objects, which may lead to refcount leaks.\\n\\nFix it by decrementing the reference count of specific objects in\\nthose error paths.\"}, {\"lang\": \"es\", \"value\": \"En el kernel de Linux, se resolvi\\u00f3 la siguiente vulnerabilidad: spi: uniphier: corrige la fuga del recuento de referencias en uniphier_spi_probe() El problema ocurre en varias rutas de error en uniphier_spi_probe(). Cuando dma_get_slave_caps() o devm_spi_register_master() devuelven un c\\u00f3digo de error, la funci\\u00f3n se olvida de disminuir el recuento de los objetos `dma_rx` y `dma_tx`, lo que puede provocar fugas de recuento. Corr\\u00edjalo disminuyendo el recuento de referencias de objetos espec\\u00edficos en esas rutas de error.\"}]",
      "id": "CVE-2022-48723",
      "lastModified": "2024-11-21T07:33:51.893",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 5.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 3.6}]}",
      "published": "2024-06-20T11:15:55.820",
      "references": "[{\"url\": \"https://git.kernel.org/stable/c/37c2c83ca4f1ef4b6908181ac98e18360af89b42\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"tags\": [\"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/447c3d4046d7b54052d07d8b27e15e6edea5662c\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"tags\": [\"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/dd00b4f8f768d81c3788a8ac88fdb3d745e55ea3\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"tags\": [\"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/e895e067d73e154b1ebc84a124e00831e311d9b0\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"tags\": [\"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/37c2c83ca4f1ef4b6908181ac98e18360af89b42\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/447c3d4046d7b54052d07d8b27e15e6edea5662c\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/dd00b4f8f768d81c3788a8ac88fdb3d745e55ea3\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"https://git.kernel.org/stable/c/e895e067d73e154b1ebc84a124e00831e311d9b0\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}]",
      "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-Other\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2022-48723\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-06-20T11:15:55.820\",\"lastModified\":\"2024-11-21T07:33:51.893\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nspi: uniphier: fix reference count leak in uniphier_spi_probe()\\n\\nThe issue happens in several error paths in uniphier_spi_probe().\\nWhen either dma_get_slave_caps() or devm_spi_register_master() returns\\nan error code, the function forgets to decrease the refcount of both\\n`dma_rx` and `dma_tx` objects, which may lead to refcount leaks.\\n\\nFix it by decrementing the reference count of specific objects in\\nthose error paths.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: spi: uniphier: corrige la fuga del recuento de referencias en uniphier_spi_probe() El problema ocurre en varias rutas de error en uniphier_spi_probe(). Cuando dma_get_slave_caps() o devm_spi_register_master() devuelven un c\u00f3digo de error, la funci\u00f3n se olvida de disminuir el recuento de los objetos `dma_rx` y `dma_tx`, lo que puede provocar fugas de recuento. Corr\u00edjalo disminuyendo el recuento de referencias de objetos espec\u00edficos en esas rutas de error.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.6\",\"versionEndExcluding\":\"5.10.99\",\"matchCriteriaId\":\"B69CC532-C65F-4966-A226-22878B182DF5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.11\",\"versionEndExcluding\":\"5.15.22\",\"matchCriteriaId\":\"74528AA6-B524-4C3F-B188-1194235FE47D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.16\",\"versionEndExcluding\":\"5.16.8\",\"matchCriteriaId\":\"0623892A-E3E4-44E6-8A5E-39A0B47AF782\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:5.17:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"7BD5F8D9-54FA-4CB0-B4F0-CB0471FDDB2D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:5.17:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"E6E34B23-78B4-4516-9BD8-61B33F4AC49A\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/37c2c83ca4f1ef4b6908181ac98e18360af89b42\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/447c3d4046d7b54052d07d8b27e15e6edea5662c\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/dd00b4f8f768d81c3788a8ac88fdb3d745e55ea3\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/e895e067d73e154b1ebc84a124e00831e311d9b0\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/37c2c83ca4f1ef4b6908181ac98e18360af89b42\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/447c3d4046d7b54052d07d8b27e15e6edea5662c\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/dd00b4f8f768d81c3788a8ac88fdb3d745e55ea3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/e895e067d73e154b1ebc84a124e00831e311d9b0\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://git.kernel.org/stable/c/e895e067d73e154b1ebc84a124e00831e311d9b0\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/dd00b4f8f768d81c3788a8ac88fdb3d745e55ea3\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/447c3d4046d7b54052d07d8b27e15e6edea5662c\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/37c2c83ca4f1ef4b6908181ac98e18360af89b42\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-03T15:25:00.430Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2022-48723\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-09-10T17:11:13.006477Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-09-11T12:42:26.173Z\"}}], \"cna\": {\"title\": \"spi: uniphier: fix reference count leak in uniphier_spi_probe()\", \"affected\": [{\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"28d1dddc59f6b7fc085093e7c1e978b33f0caf4c\", \"lessThan\": \"e895e067d73e154b1ebc84a124e00831e311d9b0\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"28d1dddc59f6b7fc085093e7c1e978b33f0caf4c\", \"lessThan\": \"dd00b4f8f768d81c3788a8ac88fdb3d745e55ea3\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"28d1dddc59f6b7fc085093e7c1e978b33f0caf4c\", \"lessThan\": \"447c3d4046d7b54052d07d8b27e15e6edea5662c\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"28d1dddc59f6b7fc085093e7c1e978b33f0caf4c\", \"lessThan\": \"37c2c83ca4f1ef4b6908181ac98e18360af89b42\", \"versionType\": \"git\"}], \"programFiles\": [\"drivers/spi/spi-uniphier.c\"], \"defaultStatus\": \"unaffected\"}, {\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"5.6\"}, {\"status\": \"unaffected\", \"version\": \"0\", \"lessThan\": \"5.6\", \"versionType\": \"semver\"}, {\"status\": \"unaffected\", \"version\": \"5.10.99\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.10.*\"}, {\"status\": \"unaffected\", \"version\": \"5.15.22\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.15.*\"}, {\"status\": \"unaffected\", \"version\": \"5.16.8\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.16.*\"}, {\"status\": \"unaffected\", \"version\": \"5.17\", \"versionType\": \"original_commit_for_fix\", \"lessThanOrEqual\": \"*\"}], \"programFiles\": [\"drivers/spi/spi-uniphier.c\"], \"defaultStatus\": \"affected\"}], \"references\": [{\"url\": \"https://git.kernel.org/stable/c/e895e067d73e154b1ebc84a124e00831e311d9b0\"}, {\"url\": \"https://git.kernel.org/stable/c/dd00b4f8f768d81c3788a8ac88fdb3d745e55ea3\"}, {\"url\": \"https://git.kernel.org/stable/c/447c3d4046d7b54052d07d8b27e15e6edea5662c\"}, {\"url\": \"https://git.kernel.org/stable/c/37c2c83ca4f1ef4b6908181ac98e18360af89b42\"}], \"x_generator\": {\"engine\": \"bippy-1.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\nspi: uniphier: fix reference count leak in uniphier_spi_probe()\\n\\nThe issue happens in several error paths in uniphier_spi_probe().\\nWhen either dma_get_slave_caps() or devm_spi_register_master() returns\\nan error code, the function forgets to decrease the refcount of both\\n`dma_rx` and `dma_tx` objects, which may lead to refcount leaks.\\n\\nFix it by decrementing the reference count of specific objects in\\nthose error paths.\"}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.10.99\", \"versionStartIncluding\": \"5.6\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.15.22\", \"versionStartIncluding\": \"5.6\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.16.8\", \"versionStartIncluding\": \"5.6\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.17\", \"versionStartIncluding\": \"5.6\"}], \"operator\": \"OR\"}]}], \"providerMetadata\": {\"orgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"shortName\": \"Linux\", \"dateUpdated\": \"2026-05-11T18:45:42.615Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2022-48723\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-05-11T18:45:42.615Z\", \"dateReserved\": \"2024-06-20T11:09:39.051Z\", \"assignerOrgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"datePublished\": \"2024-06-20T11:13:13.965Z\", \"assignerShortName\": \"Linux\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.