VYPR
Unrated severity · NVD Advisory · Published Dec 9, 2025 · Updated Apr 15, 2026

CVE-2022-50641

Description

In the Linux kernel, the following vulnerability has been resolved:

HSI: omap_ssi: Fix refcount leak in ssi_probe

When returning or breaking early from a for_each_available_child_of_node() loop, we need to explicitly call of_node_put() on the child node to possibly release the node.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

A refcount leak in the Linux kernel's HSI omap_ssi driver during ssi_probe can lead to memory exhaustion.

Vulnerability

CVE-2022-50641 is a refcount leak vulnerability in the Linux kernel's HSI (High-Speed Synchronous Serial Interface) omap_ssi driver. The bug occurs in the ssi_probe function when iterating over child nodes using for_each_available_child_of_node(). If the loop exits early (via return or break), the reference count on the child device node is not decremented via of_node_put(), causing a reference leak [1][2][3].
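
The leak pattern described above, as an added example that is not code from the kernel or from the fix commits. It is a userspace C model: `node`, `node_get`, `node_put`, `next_child`, `for_each_child` and both probe functions are hypothetical stand-ins, and the tree is constructed. The model has the iterator hold a reference on the current child and drop it only when advancing, which is why an early exit needs an explicit put.

```c
/* Userspace model, NOT kernel code. node, node_get/node_put and for_each_child
 * are hypothetical stand-ins for struct device_node, of_node_get/of_node_put
 * and for_each_available_child_of_node(). */
#include <stdio.h>

struct node { int refcount; int bad; struct node *child, *sibling; };

static struct node *node_get(struct node *n) { if (n) n->refcount++; return n; }
static void node_put(struct node *n) { if (n) n->refcount--; }

/* Like the kernel iterator: drop the reference on prev, take one on next. */
static struct node *next_child(struct node *parent, struct node *prev)
{
    struct node *next = prev ? prev->sibling : parent->child;
    node_put(prev);
    return node_get(next);
}
#define for_each_child(parent, c) \
    for (c = next_child(parent, NULL); c; c = next_child(parent, c))

/* Pre-fix pattern: an early exit keeps the reference the iterator took. */
static int probe_leaky(struct node *parent)
{
    struct node *c;
    for_each_child(parent, c)
        if (c->bad)
            return -1;
    return 0;
}
/* Fixed pattern: put the current child before leaving the loop early. */
static int probe_fixed(struct node *parent)
{
    struct node *c;
    for_each_child(parent, c)
        if (c->bad) { node_put(c); return -1; }
    return 0;
}
/* Constructed tree: the second child fails the probe. Returns the references
 * left on that child above its baseline of 1 after `attempts` probes. */
static int leaked_after(int (*probe)(struct node *), int attempts)
{
    struct node kids[2] = { { .refcount = 1 }, { .refcount = 1, .bad = 1 } };
    struct node parent = { .refcount = 1, .child = &kids[0] };
    kids[0].sibling = &kids[1];
    for (int i = 0; i < attempts; i++)
        probe(&parent);
    return kids[1].refcount - 1;
}
int main(void)
{
    printf("leaky: %d, fixed: %d\n", leaked_after(probe_leaky, 5), leaked_after(probe_fixed, 5));
    return 0;
}
```

In the model, each failed probe through the leaky path leaves one extra reference on the failing child, while the fixed path returns it to its baseline.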

Exploitation

To exploit this vulnerability, an attacker would need to trigger the probe of the omap_ssi driver on a system with device tree nodes that cause an early exit from the child node loop. This could be achieved by loading the driver or hot-plugging hardware that results in a probe failure. No special privileges are required beyond the ability to trigger driver probing, which may be possible from user space in some configurations.

Impact

Successful exploitation leads to a gradual depletion of kernel memory due to unreleased device node references. Over time, this can cause system instability, denial of service, or resource exhaustion. The vulnerability does not directly allow arbitrary code execution or privilege escalation.

Mitigation

The fix was applied in the Linux kernel stable tree, with commits referenced in the kernel git repository [1][2][3]. Users should update to a kernel version containing the fix. No workaround is available other than applying the patch.

AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products: 2

Patches: 9

References: 9