CVE-2022-49861
Marvell MV XOR v2 DMA Engine Clock Leak Vulnerability
Description
In the Linux kernel, the following vulnerability has been resolved: dmaengine: mv_xor_v2: Fix a resource leak in mv_xor_v2_remove() A clk_prepare_enable() call in the probe is not balanced by a corresponding clk_disable_unprepare() in the remove function. Add the missing call.
INFO
Published Date :
May 1, 2025, 3:16 p.m.
Last Modified :
May 7, 2025, 1:31 p.m.
Source :
416baaa9-dc9f-4396-8d5f-8c081fb06d67
Remotely Exploitable :
No
Impact Score :
3.6
Exploitability Score :
1.8
References to Advisories, Solutions, and Tools
Here, you will find a curated list of external links that provide in-depth
information, practical solutions, and valuable tools related to
CVE-2022-49861.
We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).
Results are limited to the first 15 repositories due to potential performance issues.
The following list is the news that have been mention
CVE-2022-49861 vulnerability anywhere in the article.
The following table lists the changes that have been made to the
CVE-2022-49861 vulnerability over time.
Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.
-
Initial Analysis by [email protected]
May. 07, 2025
Action Type Old Value New Value Added CVSS V3.1 AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Added CWE NVD-CWE-Other Added CPE Configuration OR *cpe:2.3:o:linux:linux_kernel:6.1:rc2:*:*:*:*:*:* *cpe:2.3:o:linux:linux_kernel:6.1:rc1:*:*:*:*:*:* *cpe:2.3:o:linux:linux_kernel:6.1:rc3:*:*:*:*:*:* *cpe:2.3:o:linux:linux_kernel:6.1:rc4:*:*:*:*:*:* *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 4.20 up to (excluding) 5.4.225 *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 5.11 up to (excluding) 5.15.79 *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 5.16 up to (excluding) 6.0.9 *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 5.5 up to (excluding) 5.10.155 *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 4.14.45 up to (excluding) 4.14.300 *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 4.16 up to (excluding) 4.19.267 *cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions from (including) 4.9.104 up to (excluding) 4.9.334 Added Reference Type kernel.org: https://git.kernel.org/stable/c/04f2cc56d80a1ac058045a7835c5bfd910f17863 Types: Patch Added Reference Type kernel.org: https://git.kernel.org/stable/c/081195d17a0c4c636da2b869bd5809d42e8cbb13 Types: Patch Added Reference Type kernel.org: https://git.kernel.org/stable/c/0b7ee3d50f32d277bf024b4ddb4de54da43a3025 Types: Patch Added Reference Type kernel.org: https://git.kernel.org/stable/c/1d84887327659c58a6637060ac8c50c3a952a163 Types: Patch Added Reference Type kernel.org: https://git.kernel.org/stable/c/20479886b40c0ed4864a5fc8490a1f6b70cccf1b Types: Patch Added Reference Type kernel.org: https://git.kernel.org/stable/c/4b6641c3a2ba95ddcfecec263b4a5e572a4b0641 Types: Patch Added Reference Type kernel.org: https://git.kernel.org/stable/c/992e966caf57e00855edbd79f19d911809732a69 Types: Patch Added Reference Type kernel.org: https://git.kernel.org/stable/c/a1cb72e20a64a3c83f9b4ee993fbf97e4c1d7714 Types: Patch -
New CVE Received by 416baaa9-dc9f-4396-8d5f-8c081fb06d67
May. 01, 2025
Action Type Old Value New Value Added Description In the Linux kernel, the following vulnerability has been resolved: dmaengine: mv_xor_v2: Fix a resource leak in mv_xor_v2_remove() A clk_prepare_enable() call in the probe is not balanced by a corresponding clk_disable_unprepare() in the remove function. Add the missing call. Added Reference https://git.kernel.org/stable/c/04f2cc56d80a1ac058045a7835c5bfd910f17863 Added Reference https://git.kernel.org/stable/c/081195d17a0c4c636da2b869bd5809d42e8cbb13 Added Reference https://git.kernel.org/stable/c/0b7ee3d50f32d277bf024b4ddb4de54da43a3025 Added Reference https://git.kernel.org/stable/c/1d84887327659c58a6637060ac8c50c3a952a163 Added Reference https://git.kernel.org/stable/c/20479886b40c0ed4864a5fc8490a1f6b70cccf1b Added Reference https://git.kernel.org/stable/c/4b6641c3a2ba95ddcfecec263b4a5e572a4b0641 Added Reference https://git.kernel.org/stable/c/992e966caf57e00855edbd79f19d911809732a69 Added Reference https://git.kernel.org/stable/c/a1cb72e20a64a3c83f9b4ee993fbf97e4c1d7714
CWE - Common Weakness Enumeration
While CVE identifies
specific instances of vulnerabilities, CWE categorizes the common flaws or
weaknesses that can lead to vulnerabilities. CVE-2022-49861 is
associated with the following CWEs:
Common Attack Pattern Enumeration and Classification (CAPEC)
Common Attack Pattern Enumeration and Classification
(CAPEC)
stores attack patterns, which are descriptions of the common attributes and
approaches employed by adversaries to exploit the CVE-2022-49861
weaknesses.