CVE-2022-49460 (GCVE-0-2022-49460)

Vulnerability from cvelistv5 – Published: 2025-02-26 02:13 – Updated: 2026-05-11 19:00
VLAI?
Title
PM / devfreq: rk3399_dmc: Disable edev on remove()
Summary
In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: rk3399_dmc: Disable edev on remove() Otherwise we hit an unablanced enable-count when unbinding the DFI device: [ 1279.659119] ------------[ cut here ]------------ [ 1279.659179] WARNING: CPU: 2 PID: 5638 at drivers/devfreq/devfreq-event.c:360 devfreq_event_remove_edev+0x84/0x8c ... [ 1279.659352] Hardware name: Google Kevin (DT) [ 1279.659363] pstate: 80400005 (Nzcv daif +PAN -UAO -TCO BTYPE=--) [ 1279.659371] pc : devfreq_event_remove_edev+0x84/0x8c [ 1279.659380] lr : devm_devfreq_event_release+0x1c/0x28 ... [ 1279.659571] Call trace: [ 1279.659582] devfreq_event_remove_edev+0x84/0x8c [ 1279.659590] devm_devfreq_event_release+0x1c/0x28 [ 1279.659602] release_nodes+0x1cc/0x244 [ 1279.659611] devres_release_all+0x44/0x60 [ 1279.659621] device_release_driver_internal+0x11c/0x1ac [ 1279.659629] device_driver_detach+0x20/0x2c [ 1279.659641] unbind_store+0x7c/0xb0 [ 1279.659650] drv_attr_store+0x2c/0x40 [ 1279.659663] sysfs_kf_write+0x44/0x58 [ 1279.659672] kernfs_fop_write_iter+0xf4/0x190 [ 1279.659684] vfs_write+0x2b0/0x2e4 [ 1279.659693] ksys_write+0x80/0xec [ 1279.659701] __arm64_sys_write+0x24/0x30 [ 1279.659714] el0_svc_common+0xf0/0x1d8 [ 1279.659724] do_el0_svc_compat+0x28/0x3c [ 1279.659738] el0_svc_compat+0x10/0x1c [ 1279.659746] el0_sync_compat_handler+0xa8/0xcc [ 1279.659758] el0_sync_compat+0x188/0x1c0 [ 1279.659768] ---[ end trace cec200e5094155b4 ]---
Severity ?
No CVSS data available.
Assigner
References
Impacted products
Vendor Product Version
Linux Linux Affected: 5a893e31a636cca3798af2db5aee8d3d144b1e1e , < 664736e2cc09e504ce58ec61164d029d1f2651bb (git)
Affected: 5a893e31a636cca3798af2db5aee8d3d144b1e1e , < a0180e324a9a63de8f770da300477b48cb4a53f1 (git)
Affected: 5a893e31a636cca3798af2db5aee8d3d144b1e1e , < 86b091b6894c449d2734de7aa7d79ccb33ffd97d (git)
Affected: 5a893e31a636cca3798af2db5aee8d3d144b1e1e , < cb1be1d4be18fe286ba5a67d928598378fd7fbe5 (git)
Affected: 5a893e31a636cca3798af2db5aee8d3d144b1e1e , < fb089b6f21de03a685dd31df3789bbb01c59f8e3 (git)
Affected: 5a893e31a636cca3798af2db5aee8d3d144b1e1e , < a9c2b23a7ac6ab19214cad8cac8af8608a4d9cef (git)
Affected: 5a893e31a636cca3798af2db5aee8d3d144b1e1e , < 2fccf9e6050e0e3b8b4cd275d41daf7f7fa22804 (git)
Create a notification for this product.
Linux Linux Affected: 4.9
Unaffected: 0 , < 4.9 (semver)
Unaffected: 4.19.247 , ≤ 4.19.* (semver)
Unaffected: 5.4.198 , ≤ 5.4.* (semver)
Unaffected: 5.10.121 , ≤ 5.10.* (semver)
Unaffected: 5.15.46 , ≤ 5.15.* (semver)
Unaffected: 5.17.14 , ≤ 5.17.* (semver)
Unaffected: 5.18.3 , ≤ 5.18.* (semver)
Unaffected: 5.19 , ≤ * (original_commit_for_fix)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/devfreq/rk3399_dmc.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "664736e2cc09e504ce58ec61164d029d1f2651bb",
              "status": "affected",
              "version": "5a893e31a636cca3798af2db5aee8d3d144b1e1e",
              "versionType": "git"
            },
            {
              "lessThan": "a0180e324a9a63de8f770da300477b48cb4a53f1",
              "status": "affected",
              "version": "5a893e31a636cca3798af2db5aee8d3d144b1e1e",
              "versionType": "git"
            },
            {
              "lessThan": "86b091b6894c449d2734de7aa7d79ccb33ffd97d",
              "status": "affected",
              "version": "5a893e31a636cca3798af2db5aee8d3d144b1e1e",
              "versionType": "git"
            },
            {
              "lessThan": "cb1be1d4be18fe286ba5a67d928598378fd7fbe5",
              "status": "affected",
              "version": "5a893e31a636cca3798af2db5aee8d3d144b1e1e",
              "versionType": "git"
            },
            {
              "lessThan": "fb089b6f21de03a685dd31df3789bbb01c59f8e3",
              "status": "affected",
              "version": "5a893e31a636cca3798af2db5aee8d3d144b1e1e",
              "versionType": "git"
            },
            {
              "lessThan": "a9c2b23a7ac6ab19214cad8cac8af8608a4d9cef",
              "status": "affected",
              "version": "5a893e31a636cca3798af2db5aee8d3d144b1e1e",
              "versionType": "git"
            },
            {
              "lessThan": "2fccf9e6050e0e3b8b4cd275d41daf7f7fa22804",
              "status": "affected",
              "version": "5a893e31a636cca3798af2db5aee8d3d144b1e1e",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/devfreq/rk3399_dmc.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.9"
            },
            {
              "lessThan": "4.9",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.247",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.198",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.121",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.46",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.17.*",
              "status": "unaffected",
              "version": "5.17.14",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.18.*",
              "status": "unaffected",
              "version": "5.18.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.19",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "4.19.247",
                  "versionStartIncluding": "4.9",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.4.198",
                  "versionStartIncluding": "4.9",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.121",
                  "versionStartIncluding": "4.9",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.46",
                  "versionStartIncluding": "4.9",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.17.14",
                  "versionStartIncluding": "4.9",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.18.3",
                  "versionStartIncluding": "4.9",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.19",
                  "versionStartIncluding": "4.9",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nPM / devfreq: rk3399_dmc: Disable edev on remove()\n\nOtherwise we hit an unablanced enable-count when unbinding the DFI\ndevice:\n\n[ 1279.659119] ------------[ cut here ]------------\n[ 1279.659179] WARNING: CPU: 2 PID: 5638 at drivers/devfreq/devfreq-event.c:360 devfreq_event_remove_edev+0x84/0x8c\n...\n[ 1279.659352] Hardware name: Google Kevin (DT)\n[ 1279.659363] pstate: 80400005 (Nzcv daif +PAN -UAO -TCO BTYPE=--)\n[ 1279.659371] pc : devfreq_event_remove_edev+0x84/0x8c\n[ 1279.659380] lr : devm_devfreq_event_release+0x1c/0x28\n...\n[ 1279.659571] Call trace:\n[ 1279.659582]  devfreq_event_remove_edev+0x84/0x8c\n[ 1279.659590]  devm_devfreq_event_release+0x1c/0x28\n[ 1279.659602]  release_nodes+0x1cc/0x244\n[ 1279.659611]  devres_release_all+0x44/0x60\n[ 1279.659621]  device_release_driver_internal+0x11c/0x1ac\n[ 1279.659629]  device_driver_detach+0x20/0x2c\n[ 1279.659641]  unbind_store+0x7c/0xb0\n[ 1279.659650]  drv_attr_store+0x2c/0x40\n[ 1279.659663]  sysfs_kf_write+0x44/0x58\n[ 1279.659672]  kernfs_fop_write_iter+0xf4/0x190\n[ 1279.659684]  vfs_write+0x2b0/0x2e4\n[ 1279.659693]  ksys_write+0x80/0xec\n[ 1279.659701]  __arm64_sys_write+0x24/0x30\n[ 1279.659714]  el0_svc_common+0xf0/0x1d8\n[ 1279.659724]  do_el0_svc_compat+0x28/0x3c\n[ 1279.659738]  el0_svc_compat+0x10/0x1c\n[ 1279.659746]  el0_sync_compat_handler+0xa8/0xcc\n[ 1279.659758]  el0_sync_compat+0x188/0x1c0\n[ 1279.659768] ---[ end trace cec200e5094155b4 ]---"
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-11T19:00:18.494Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/664736e2cc09e504ce58ec61164d029d1f2651bb"
        },
        {
          "url": "https://git.kernel.org/stable/c/a0180e324a9a63de8f770da300477b48cb4a53f1"
        },
        {
          "url": "https://git.kernel.org/stable/c/86b091b6894c449d2734de7aa7d79ccb33ffd97d"
        },
        {
          "url": "https://git.kernel.org/stable/c/cb1be1d4be18fe286ba5a67d928598378fd7fbe5"
        },
        {
          "url": "https://git.kernel.org/stable/c/fb089b6f21de03a685dd31df3789bbb01c59f8e3"
        },
        {
          "url": "https://git.kernel.org/stable/c/a9c2b23a7ac6ab19214cad8cac8af8608a4d9cef"
        },
        {
          "url": "https://git.kernel.org/stable/c/2fccf9e6050e0e3b8b4cd275d41daf7f7fa22804"
        }
      ],
      "title": "PM / devfreq: rk3399_dmc: Disable edev on remove()",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2022-49460",
    "datePublished": "2025-02-26T02:13:07.635Z",
    "dateReserved": "2025-02-26T02:08:31.576Z",
    "dateUpdated": "2026-05-11T19:00:18.494Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2022-49460",
      "date": "2026-05-21",
      "epss": "0.00059",
      "percentile": "0.18315"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2022-49460\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2025-02-26T07:01:22.327\",\"lastModified\":\"2025-10-22T17:23:12.747\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nPM / devfreq: rk3399_dmc: Disable edev on remove()\\n\\nOtherwise we hit an unablanced enable-count when unbinding the DFI\\ndevice:\\n\\n[ 1279.659119] ------------[ cut here ]------------\\n[ 1279.659179] WARNING: CPU: 2 PID: 5638 at drivers/devfreq/devfreq-event.c:360 devfreq_event_remove_edev+0x84/0x8c\\n...\\n[ 1279.659352] Hardware name: Google Kevin (DT)\\n[ 1279.659363] pstate: 80400005 (Nzcv daif +PAN -UAO -TCO BTYPE=--)\\n[ 1279.659371] pc : devfreq_event_remove_edev+0x84/0x8c\\n[ 1279.659380] lr : devm_devfreq_event_release+0x1c/0x28\\n...\\n[ 1279.659571] Call trace:\\n[ 1279.659582]  devfreq_event_remove_edev+0x84/0x8c\\n[ 1279.659590]  devm_devfreq_event_release+0x1c/0x28\\n[ 1279.659602]  release_nodes+0x1cc/0x244\\n[ 1279.659611]  devres_release_all+0x44/0x60\\n[ 1279.659621]  device_release_driver_internal+0x11c/0x1ac\\n[ 1279.659629]  device_driver_detach+0x20/0x2c\\n[ 1279.659641]  unbind_store+0x7c/0xb0\\n[ 1279.659650]  drv_attr_store+0x2c/0x40\\n[ 1279.659663]  sysfs_kf_write+0x44/0x58\\n[ 1279.659672]  kernfs_fop_write_iter+0xf4/0x190\\n[ 1279.659684]  vfs_write+0x2b0/0x2e4\\n[ 1279.659693]  ksys_write+0x80/0xec\\n[ 1279.659701]  __arm64_sys_write+0x24/0x30\\n[ 1279.659714]  el0_svc_common+0xf0/0x1d8\\n[ 1279.659724]  do_el0_svc_compat+0x28/0x3c\\n[ 1279.659738]  el0_svc_compat+0x10/0x1c\\n[ 1279.659746]  el0_sync_compat_handler+0xa8/0xcc\\n[ 1279.659758]  el0_sync_compat+0x188/0x1c0\\n[ 1279.659768] ---[ end trace cec200e5094155b4 ]---\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: PM/devfreq: rk3399_dmc: Deshabilitar edev en remove() De lo contrario, alcanzamos un recuento de habilitaciones no balanceado al desvincular el dispositivo DFI: [1279.659119] ------------[cortar aqu\u00ed]------------ [1279.659179] ADVERTENCIA: CPU: 2 PID: 5638 at drivers/devfreq/devfreq-event.c:360 devfreq_event_remove_edev+0x84/0x8c ... [ 1279.659352] Hardware name: Google Kevin (DT) [ 1279.659363] pstate: 80400005 (Nzcv daif +PAN -UAO -TCO BTYPE=--) [ 1279.659371] pc : devfreq_event_remove_edev+0x84/0x8c [ 1279.659380] lr : devm_devfreq_event_release+0x1c/0x28 ... [ 1279.659571] Call trace: [ 1279.659582] devfreq_event_remove_edev+0x84/0x8c [ 1279.659590] devm_devfreq_event_release+0x1c/0x28 [ 1279.659602] release_nodes+0x1cc/0x244 [ 1279.659611] devres_release_all+0x44/0x60 [ 1279.659621] device_release_driver_internal+0x11c/0x1ac [ 1279.659629] device_driver_detach+0x20/0x2c [ 1279.659641] unbind_store+0x7c/0xb0 [ 1279.659650] drv_attr_store+0x2c/0x40 [ 1279.659663] sysfs_kf_write+0x44/0x58 [ 1279.659672] kernfs_fop_write_iter+0xf4/0x190 [ 1279.659684] vfs_write+0x2b0/0x2e4 [ 1279.659693] ksys_write+0x80/0xec [ 1279.659701] __arm64_sys_write+0x24/0x30 [ 1279.659714] el0_svc_common+0xf0/0x1d8 [ 1279.659724] do_el0_svc_compat+0x28/0x3c [ 1279.659738] el0_svc_compat+0x10/0x1c [ 1279.659746] el0_sync_compat_handler+0xa8/0xcc [ 1279.659758] el0_sync_compat+0x188/0x1c0 [ 1279.659768] ---[ end trace cec200e5094155b4 ]--- \"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.9\",\"versionEndExcluding\":\"4.19.247\",\"matchCriteriaId\":\"F38B59F3-5386-4A6F-954A-50BDD5A9355F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.20\",\"versionEndExcluding\":\"5.4.198\",\"matchCriteriaId\":\"3EC49633-14DE-4EBD-BB80-76AE2E3EABB9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.5\",\"versionEndExcluding\":\"5.10.121\",\"matchCriteriaId\":\"34ACD872-E5BC-401C-93D5-B357A62426E0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.11\",\"versionEndExcluding\":\"5.15.46\",\"matchCriteriaId\":\"20D41697-0E8B-4B7D-8842-F17BF2AA21E1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.16\",\"versionEndExcluding\":\"5.17.14\",\"matchCriteriaId\":\"15E2DD33-2255-4B76-9C15-04FF8CBAB252\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.18\",\"versionEndExcluding\":\"5.18.3\",\"matchCriteriaId\":\"8E122216-2E9E-4B3E-B7B8-D575A45BA3C2\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/2fccf9e6050e0e3b8b4cd275d41daf7f7fa22804\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/664736e2cc09e504ce58ec61164d029d1f2651bb\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/86b091b6894c449d2734de7aa7d79ccb33ffd97d\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/a0180e324a9a63de8f770da300477b48cb4a53f1\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/a9c2b23a7ac6ab19214cad8cac8af8608a4d9cef\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/cb1be1d4be18fe286ba5a67d928598378fd7fbe5\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/fb089b6f21de03a685dd31df3789bbb01c59f8e3\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.