CVE-2022-49115

5.5 MEDIUM

📋 TL;DR

CVE-2022-49115 is a memory leak vulnerability in the Linux kernel's PCI endpoint subsystem, caused by a misused goto label. It affects systems using PCI endpoint functionality and can lead to resource exhaustion over time. Exploitation requires local access.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Linux kernel versions before the fix commits (specific versions vary by distribution)
Operating Systems: Linux distributions using vulnerable kernel versions
Default Config Vulnerable: ✅ No
Notes: Only affects systems with PCI endpoint functionality enabled and in use. Most standard desktop/server configurations are not affected unless specifically using PCI endpoint features.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...


⚠️ Risk & Real-World Impact

🔴 Worst Case: An attacker with local access could repeatedly trigger the memory leak, causing kernel memory exhaustion leading to system instability, denial of service, or potential privilege escalation if combined with other vulnerabilities.

🟠 Likely Case: Local users could cause gradual memory consumption, potentially leading to system performance degradation or denial of service conditions over time.

🟢 If Mitigated: With proper access controls limiting local user privileges and monitoring for memory anomalies, impact is minimal to none for most environments.

🌐 Internet-Facing: LOW - This vulnerability requires local access and cannot be exploited remotely over the network.
🏢 Internal Only: MEDIUM - Local users or processes could exploit this vulnerability, but it requires specific PCI endpoint functionality to be in use.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: NO
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires local access and knowledge of how to trigger the specific PCI endpoint code path. No public exploits have been reported.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Fixed in kernel commits: 70236a0d2d62b081d52076de22d8d017d6cbe99f, 7c657c0694ff690e361a13ce41c36b9dfb433ec8, bf8d87c076f55b8b4dfdb6bc6c6b6dc0c2ccb487, d3642fc64276b06446290f82fd45630aeaa4b007, dc9d33b2d8d09e6478e8ef817a81cf26930acc3e

Vendor Advisory: https://git.kernel.org/stable/c/70236a0d2d62b081d52076de22d8d017d6cbe99f

Restart Required: Yes

Instructions:

1. Update Linux kernel to version containing the fix commits.
2. Check your distribution's security advisories for specific patched kernel versions.
3. Reboot the system after kernel update.

🔧 Temporary Workarounds

Disable PCI endpoint functionality

If PCI endpoint features are not required, disable them in kernel configuration

Check if PCI endpoint is enabled: grep -r CONFIG_PCI_ENDPOINT /boot/config-$(uname -r)
To disable: Recompile kernel without CONFIG_PCI_ENDPOINT=y

🧯 If You Can't Patch

  • Restrict local user access to systems using PCI endpoint functionality
  • Implement memory usage monitoring and alerts for abnormal consumption patterns

🔍 How to Verify

Check if Vulnerable:

Check kernel version and if PCI endpoint is enabled: uname -r && grep -r CONFIG_PCI_ENDPOINT /boot/config-$(uname -r)

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version is updated to one containing the fix commits: run uname -r and compare the result against your distribution's security advisories
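
The grep used in the checks above prints any line containing the string, including the "# CONFIG_PCI_ENDPOINT is not set" comment and options that only share the prefix. The following added example (not part of the original advisory) matches the exact symbol instead; the function names and sample config lines are constructed for illustration, and the /proc/config.gz fallback assumes a kernel built with CONFIG_IKCONFIG_PROC.

```shell
#!/bin/sh
# Added example: exact-match check for CONFIG_PCI_ENDPOINT.
# Function names are illustrative, not from any distribution tool.

# pci_endpoint_state: reads kernel config text on stdin and prints
# "enabled" or "disabled" for the exact symbol CONFIG_PCI_ENDPOINT.
pci_endpoint_state() {
    # Anchor on the whole symbol plus "=" so that neither the
    # "# CONFIG_PCI_ENDPOINT is not set" comment nor symbols sharing
    # the prefix (for example CONFIG_PCI_ENDPOINT_TEST) count as a hit.
    if grep -Eq '^CONFIG_PCI_ENDPOINT=[ym][[:space:]]*$'; then
        echo enabled
    else
        echo disabled
    fi
}

# check_running_kernel: finds the running kernel's config and classifies
# it. Prints "unknown" when no config source is readable.
check_running_kernel() {
    boot_cfg="/boot/config-$(uname -r)"
    if [ -r "$boot_cfg" ]; then
        pci_endpoint_state < "$boot_cfg"
    elif [ -r /proc/config.gz ]; then
        gzip -dc /proc/config.gz | pci_endpoint_state
    else
        echo unknown
    fi
}

# Constructed sample: the option is off, yet a plain prefix grep would
# print both lines and suggest the feature is present.
sample_state=$(printf '%s\n' \
    '# CONFIG_PCI_ENDPOINT is not set' \
    'CONFIG_PCI_ENDPOINT_TEST=m' | pci_endpoint_state)
echo "constructed sample: $sample_state"

echo "running kernel:     $(check_running_kernel)"
```

A result of "enabled" only means the subsystem is compiled in; whether the host is exposed still depends on endpoint functionality being in use and on the kernel lacking the fix commits.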

📡 Detection & Monitoring

Log Indicators:

  • Kernel oops messages related to PCI endpoint
  • System logs showing abnormal memory consumption patterns
  • dmesg output showing memory allocation failures

Network Indicators:

  • None - this is a local vulnerability

SIEM Query:

source="kernel" AND ("PCI endpoint" OR "memory leak" OR "allocation failure")
