CVE-2022-49016

5.5 MEDIUM

📋 TL;DR

This CVE describes a memory leak vulnerability in the Linux kernel's MDIO bus subsystem where firmware node reference counts become unbalanced. This allows attackers to cause kernel memory exhaustion through repeated device operations, potentially leading to denial of service. All Linux systems using the affected kernel versions with CONFIG_OF_UNITTEST and CONFIG_OF_DYNAMIC enabled are vulnerable.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Versions before the fix commits (specific versions vary by distribution)
Operating Systems: Linux distributions using vulnerable kernel versions
Default Config Vulnerable: ✅ No
Notes: Only vulnerable when CONFIG_OF_UNITTEST and CONFIG_OF_DYNAMIC are enabled, which are typically development/testing configurations

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

⚠️ Risk & Real-World Impact

🔴 Worst Case: Kernel memory exhaustion leading to system crash or denial of service through repeated triggering of the unbalanced reference count
🟠 Likely Case: Gradual memory leak over time causing system instability or performance degradation
🟢 If Mitigated: Minimal impact with proper memory monitoring and kernel hardening

🌐 Internet-Facing: LOW - Requires local access or ability to trigger specific MDIO bus operations
🏢 Internal Only: MEDIUM - Could be exploited by malicious local users or through compromised services

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: NO
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires ability to trigger MDIO bus operations and specific kernel configurations

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Fixed in kernel commits: 2708b357440427d6a9fee667eb7b8307f4625adc, 543d917f691ab06885ee779c862065899eaa4251, cdde1560118f82498fc9e9a7c1ef7f0ef7755891

Vendor Advisory: https://git.kernel.org/stable/c/2708b357440427d6a9fee667eb7b8307f4625adc

Restart Required: Yes

Instructions:

1. Update the Linux kernel to a version containing the fix commits.
2. Check distribution-specific security advisories.
3. Reboot the system after the kernel update.

🔧 Temporary Workarounds

Disable vulnerable kernel configurations

Disable CONFIG_OF_UNITTEST and CONFIG_OF_DYNAMIC in the kernel configuration. Edit the kernel config and set:

CONFIG_OF_UNITTEST=n
CONFIG_OF_DYNAMIC=n

Then recompile the kernel and reboot.

🧯 If You Can't Patch

  • Monitor system memory usage for unusual leaks
  • Restrict access to users who can trigger MDIO bus operations

🔍 How to Verify

Check if Vulnerable:

Check the kernel version with uname -r, then check whether CONFIG_OF_UNITTEST and CONFIG_OF_DYNAMIC are enabled in /boot/config-$(uname -r).

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version includes the fix commits or check with distribution package manager

📡 Detection & Monitoring

Log Indicators:

  • Kernel oops messages
  • Memory allocation failures in dmesg
  • OF: ERROR: memory leak messages

SIEM Query:

search 'OF: ERROR: memory leak' OR 'kernel: memory leak' in system logs
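
The configuration check under "How to Verify" and the "OF: ERROR: memory leak" log indicator above, combined into one script. This is an added example, not code from the advisory or the kernel project; the function names are hypothetical, and the /proc/config.gz fallback assumes a kernel built with CONFIG_IKCONFIG_PROC.

```shell
#!/bin/sh
# Added example, not from the advisory: exposure and log checks for CVE-2022-49016.

# kconfig_enabled FILE OPTION: succeeds if OPTION=y in FILE (plain text or .gz).
kconfig_enabled() {
    case "$1" in
        *.gz) gzip -dc -- "$1" ;;
        *)    cat -- "$1" ;;
    esac | grep -q "^$2=y\$"
}

# exposure_status FILE: prints "exposed" only when both options the page names
# are built in; "# CONFIG_X is not set" lines and =n do not count.
exposure_status() {
    if kconfig_enabled "$1" CONFIG_OF_UNITTEST &&
       kconfig_enabled "$1" CONFIG_OF_DYNAMIC; then
        echo exposed
    else
        echo not-exposed
    fi
}

# count_of_leak_lines: reads kernel log text on stdin and prints how many lines
# carry the "OF: ERROR: memory leak" indicator listed on the page.
count_of_leak_lines() {
    grep -c 'OF: ERROR: memory leak' || true
}

# Check the running kernel where a config file is readable. /proc/config.gz is
# an assumption: it exists only on kernels built with CONFIG_IKCONFIG_PROC.
for cfg in "/boot/config-$(uname -r)" /proc/config.gz; do
    if [ -r "$cfg" ]; then
        echo "$cfg: $(exposure_status "$cfg")"
        break
    fi
done
```

To count indicator lines on a live host, pipe the kernel log into the function, for example `dmesg | count_of_leak_lines` or `journalctl -k | count_of_leak_lines`.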
