CVE-2022-50659
Published: Dec 9, 2025
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: hwrng: geode - Fix PCI device refcount leak for_each_pci_dev() is implemented by pci_get_device(). The comment of pci_get_device() says that it will increase the reference count for the returned pci_dev and also decrease the reference count for the input pci_dev @from if it is not NULL. If we break for_each_pci_dev() loop with pdev not NULL, we need to call pci_dev_put() to decrease the reference count. We add a new struct 'amd_geode_priv' to record pointer of the pci_dev and membase, and then add missing pci_dev_put() for the normal and error path.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected ef5d862734b84239e0140319a95fb0bbff5ef394 - < 88f4ea623f59155280d99d1a59a968f838472c4aaffected ef5d862734b84239e0140319a95fb0bbff5ef394 - < e2f44baf62567c5cfbc274974c7d96dddad53cccaffected ef5d862734b84239e0140319a95fb0bbff5ef394 - < 6b9e43c4098f1310f5b4d52121d007a219fa5d43affected ef5d862734b84239e0140319a95fb0bbff5ef394 - < 5cc818ad53df650cac8fb41d9066665366af3f03affected ef5d862734b84239e0140319a95fb0bbff5ef394 - < aa96aff394a511cc7bb7df08d1b8504d4d97671e+4 more versions |
Linux | Linux | affected 2.6.18unaffected 0 - < 2.6.18unaffected 4.9.337 - <= 4.9.*unaffected 4.14.303 - <= 4.14.*unaffected 4.19.270 - <= 4.19.*+6 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now