CVE-2022-49549

MEDIUM EPSS 15.7%
Published Feb 26, 20251y ago · Modified Jun 17, 20262w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Feb 26, 2025 1y ago
Last Modified Jun 17, 2026 2w ago

Description

In the Linux kernel, the following vulnerability has been resolved: x86/MCE/AMD: Fix memory leak when threshold_create_bank() fails In mce_threshold_create_device(), if threshold_create_bank() fails, the previously allocated threshold banks array @bp will be leaked because the call to mce_threshold_remove_device() will not free it. This happens because mce_threshold_remove_device() fetches the pointer through the threshold_banks per-CPU variable but bp is written there only after the bank creation is successful, and not before, when threshold_create_bank() fails. Add a helper which unwinds all the bank creation work previously done and pass into it the previously allocated threshold banks array for freeing. [ bp: Massage. ]

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
15.7% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-401

Affected Products 4

VendorProductVersionRange
linuxlinux_kernel*≥5.8  –  <5.10.121
linuxlinux_kernel*≥5.11  –  <5.15.46
linuxlinux_kernel*≥5.16  –  <5.17.14
linuxlinux_kernel*≥5.18  –  <5.18.3

References 5

  • git.kernel.org https://git.kernel.org/stable/c/396b8e7ab2a99ddac57d3522b3da5e58cb608d37
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/9708f1956eeb70c86943e0bc62fa3b0101b59616
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b4acb8e7f1594607bc9017ef0aacb40b24a003d6
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/cc0dd4456f9573bf8af9b4d8754433918e809e1e
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e5f28623ceb103e13fc3d7bd45edf9818b227fd0
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/396b8e7ab2a99ddac57d3522b3da5e58cb608d37
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/9708f1956eeb70c86943e0bc62fa3b0101b59616
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b4acb8e7f1594607bc9017ef0aacb40b24a003d6
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/cc0dd4456f9573bf8af9b4d8754433918e809e1e
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/e5f28623ceb103e13fc3d7bd45edf9818b227fd0
    Patch