CVE-2022-49210

Summary

In the Linux kernel, the following vulnerability has been resolved:

MIPS: pgalloc: fix memory leak caused by pgd_free()

pgd page is freed by generic implementation pgd_free() since commit f9cb654cb550 ("asm-generic: pgalloc: provide generic pgd_free()"), however, there are scenarios that the system uses more than one page as the pgd table, in such cases the generic implementation pgd_free() won't be applicable anymore. For example, when PAGE_SIZE_4KB is enabled and MIPS_VA_BITS_48 is not enabled in a 64bit system, the macro "PGD_ORDER" will be set as "1", which will cause allocating two pages as the pgd table. Well, at the same time, the generic implementation pgd_free() just free one pgd page, which will result in the memory leak.

The memory leak can be easily detected by executing shell command: "while true; do ls > /dev/null; grep MemFree /proc/meminfo; done"

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxf9cb654cb550b7b87e8608b14fc3eca432429ffe < fa3d44424579972cc7c4fac3d9cf227798ebdfa0affected
LinuxLinuxf9cb654cb550b7b87e8608b14fc3eca432429ffe < d29cda15cab086d82d692de016f7249545d4b6b4affected
LinuxLinuxf9cb654cb550b7b87e8608b14fc3eca432429ffe < 5a8501d34b261906e4c76ec9da679f2cb4d309edaffected
LinuxLinuxf9cb654cb550b7b87e8608b14fc3eca432429ffe < 1bf0d78c8cc3cf615a6e7bf33ada70b73592f0a1affected
LinuxLinuxf9cb654cb550b7b87e8608b14fc3eca432429ffe < 2bc5bab9a763d520937e4f3fe8df51c6a1eceb97affected
LinuxLinux5.9affected
LinuxLinux0 < 5.9unaffected
LinuxLinux5.10.110 <= 5.10.*unaffected
LinuxLinux5.15.33 <= 5.15.*unaffected
LinuxLinux5.16.19 <= 5.16.*unaffected
LinuxLinux5.17.2 <= 5.17.*unaffected
LinuxLinux5.18 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References