CVE-2022-50576
Description
In the Linux kernel, the following vulnerability has been resolved:
serial: pch: Fix PCI device refcount leak in pch_request_dma()
As comment of pci_get_slot() says, it returns a pci_device with its refcount increased. The caller must decrement the reference count by calling pci_dev_put().
Since 'dma_dev' is only used to filter the channel in filter(), we can call pci_dev_put() before exiting from pch_request_dma(). Add the missing pci_dev_put() for the normal and error path.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
PCI device refcount leak in Linux kernel serial pch driver's pch_request_dma() can cause memory exhaustion via local denial of service.
Vulnerability
Details
In the Linux kernel's serial pch driver, the function pch_request_dma() calls pci_get_slot() to obtain a PCI device, which increments the device's reference count. However, the function never decrements this count via pci_dev_put(), leading to a reference leak. This occurs on both normal and error paths, as noted in the commit message [1].
Exploitation
An attacker with local access could repeatedly trigger the DMA channel allocation, causing the leaked PCI device references to accumulate. Over time, this can exhaust kernel memory, leading to a denial-of-service condition. No special privileges other than the ability to interact with the serial device are required, though the attack is local in nature.
Impact
The vulnerability results in a memory leak of PCI device structures. While not directly exploitable for code execution, the resource exhaustion can cause system instability or crash. The CVSS score likely reflects a moderate severity due to the local attack vector and availability impact.
Mitigation
The fix was applied in Linux kernel stable releases via commits such as the one referenced in [1]. Users should update their kernels to include this patch or apply the corresponding stable updates.
AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2Patches
990ff030ca10b56e5a7c5ee3fdfd15c5550b9d165388227aa07f4ca68b0f66f7d82380fbe4f5d28865c66516614a371c28be3a7bf7737Vulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
9- git.kernel.org/stable/c/07f4ca68b0f6bf84b6b391c14b59fd179fcde9c5nvd
- git.kernel.org/stable/c/4f5d28865c665c9064de631a518f9bc8099d9ce4nvd
- git.kernel.org/stable/c/516614a371c26e3334625b4bca19a5362bf658d6nvd
- git.kernel.org/stable/c/56e5a7c5ee3f0dc8978b5df2b1a98a1b060c5e2anvd
- git.kernel.org/stable/c/6f7d82380fbeaed3a940efc33c23f0c4bbd0fc02nvd
- git.kernel.org/stable/c/8be3a7bf773700534a6e8f87f6ed2ed111254be5nvd
- git.kernel.org/stable/c/90ff030ca10b69feeebda1427550ebf9ed2ad868nvd
- git.kernel.org/stable/c/d165388227aa7e46a9751b90bae6337b5335cdbbnvd
- git.kernel.org/stable/c/dfd15c5550b9190d5b0f9bcacb3e6436322f3854nvd
News mentions
0No linked articles in our index yet.