CVE-2022-49244: 
Linux Kernel vulnerability analysis and mitigation

CVE-2022-49244 affects the Linux kernel's ASoC (ALSA System on Chip) MediaTek MT8192-MT6359 audio driver. The vulnerability stems from improper error handling in the mt8192mt6359devprobe function, where devicenode pointers returned by ofparsephandle() with incremented refcount were not properly released in error paths (Kernel Git).

The vulnerability occurs in the sound/soc/mediatek/mt8192/mt8192-mt6359-rt1015-rt5682.c file. The issue arises because the function only calls ofnodeput() in the regular path but fails to do so in error paths, leading to a reference count leak. This is a fix for a previous patch (4e28491a7a19) that addressed device_node leaks (Kernel Git).

The vulnerability results in a memory leak due to improper reference counting of device nodes in the Linux kernel's audio subsystem. While this doesn't lead to immediate system compromise, it could potentially cause resource exhaustion over time if the affected code path is repeatedly triggered (NVD).

The issue has been fixed by adding proper error handling paths that ensure ofnodeput() is called in all error conditions. The fix has been implemented in the Linux kernel through a patch that adds appropriate cleanup code in the error handling paths (Kernel Git).