vulnerability
Debian: CVE-2022-49784: linux -- security update
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:L/AC:L/Au:S/C:N/I:N/A:C) | May 1, 2025 | May 5, 2025 | May 6, 2025 |
Description
In the Linux kernel, the following vulnerability has been resolved:
perf/x86/amd/uncore: Fix memory leak for events array
When a CPU comes online, the per-CPU NB and LLC uncore contexts are
freed but not the events array within the context structure. This
causes a memory leak as identified by the kmemleak detector.
[...]
unreferenced object 0xffff8c5944b8e320 (size 32):
comm "swapper/0", pid 1, jiffies 4294670387 (age 151.072s)
hex dump (first 32 bytes):
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
backtrace:
[] amd_uncore_cpu_up_prepare+0xaf/0x230
[] cpuhp_invoke_callback+0x2cf/0x470
[] cpuhp_issue_call+0x14d/0x170
[] __cpuhp_setup_state_cpuslocked+0x11e/0x330
[] __cpuhp_setup_state+0x6b/0x110
[] amd_uncore_init+0x260/0x321
[] do_one_initcall+0x3f/0x1f0
[] kernel_init_freeable+0x1ca/0x212
[] kernel_init+0x11/0x120
[] ret_from_fork+0x22/0x30
unreferenced object 0xffff8c5944b8dd40 (size 64):
comm "swapper/0", pid 1, jiffies 4294670387 (age 151.072s)
hex dump (first 32 bytes):
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
backtrace:
[] amd_uncore_cpu_up_prepare+0x183/0x230
[] cpuhp_invoke_callback+0x2cf/0x470
[] cpuhp_issue_call+0x14d/0x170
[] __cpuhp_setup_state_cpuslocked+0x11e/0x330
[] __cpuhp_setup_state+0x6b/0x110
[] amd_uncore_init+0x260/0x321
[] do_one_initcall+0x3f/0x1f0
[] kernel_init_freeable+0x1ca/0x212
[] kernel_init+0x11/0x120
[] ret_from_fork+0x22/0x30
[...]
Fix the problem by freeing the events array before freeing the uncore
context.
Solution
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.