CVE-2022-49161

5.5 MEDIUM

📋 TL;DR

This CVE describes a memory leak vulnerability in the Linux kernel's MediaTek ASoC driver. When the mt8183_da7219_max98357_dev_probe function encounters an error, it fails to properly release a device node reference, causing a kernel memory leak. This affects Linux systems using MediaTek audio hardware.
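The leak pattern described above, as an added example that is not the kernel driver's code: a userspace model in which a probe routine takes a reference on a node and an error return skips the matching release. The names node_get, node_put, setup_links, probe_leaky and probe_fixed are hypothetical stand-ins chosen for this illustration.

```c
#include <stdio.h>

/* Userspace stand-in for a refcounted device node (constructed model). */
struct node { int refcount; };

static struct node *node_get(struct node *n) { n->refcount++; return n; }
static void node_put(struct node *n) { if (n) n->refcount--; }

/* Hypothetical later probe step; returns 0 or a negative errno-style code. */
static int setup_links(int fail) { return fail ? -22 : 0; }

/* Leaky shape: the error return skips node_put(). */
static int probe_leaky(struct node *dt, int fail)
{
    struct node *platform = node_get(dt);   /* lookup takes a reference */
    int ret = setup_links(fail);
    if (ret)
        return ret;                          /* BUG: reference never dropped */
    node_put(platform);
    return 0;
}

/* Fixed shape: every exit goes through one label that drops the reference. */
static int probe_fixed(struct node *dt, int fail)
{
    struct node *platform = node_get(dt);
    int ret = setup_links(fail);
    if (ret)
        goto out_put;
    /* ... remaining setup would go here ... */
out_put:
    node_put(platform);
    return ret;
}

/* Run `attempts` failing probes and report how many references remain held. */
static int leaked_refs(int (*probe)(struct node *, int), int attempts)
{
    struct node dt = { .refcount = 1 };      /* one base reference */
    for (int i = 0; i < attempts; i++)
        probe(&dt, 1);
    return dt.refcount - 1;
}
int main(void)
{
    printf("leaky: %d leaked refs\n", leaked_refs(probe_leaky, 100));
    printf("fixed: %d leaked refs\n", leaked_refs(probe_fixed, 100));
    return 0;
}
```

Each failed probe in the leaky shape leaves one reference held, which is why the impact grows only when the error path is hit repeatedly.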

💻 Affected Systems

Products:
  • Linux kernel with MediaTek ASoC driver
Versions: Linux kernel versions containing the vulnerable code (specific versions not specified in CVE)
Operating Systems: Linux distributions using affected kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: Requires MediaTek hardware (mt8183 platform) with specific audio codecs (da7219, max98357). The vulnerability only triggers during error conditions in device probe.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...


⚠️ Risk & Real-World Impact

🔴 Worst Case

Sustained exploitation could lead to kernel memory exhaustion, causing system instability, crashes, or denial of service.

🟠 Likely Case

Memory leak gradually consumes kernel resources, potentially leading to performance degradation or system instability over time.

🟢 If Mitigated

With proper kernel memory management and monitoring, impact is limited to minor resource consumption.

🌐 Internet-Facing: LOW - Requires local access to trigger the error condition in the driver.
🏢 Internal Only: MEDIUM - Local users or processes could potentially trigger the condition, but requires specific hardware and error conditions.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: NO
Unauthenticated Exploit: ✅ No
Complexity: HIGH

Exploitation requires local access and ability to trigger specific error conditions in the driver initialization. No known active exploitation.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Patched in kernel commits 28a265a1ee11febeec5ea73a804f30dcec3181ca and 9b9f6227e8d0c7c46b6d9d7b8a5c4e0536049fcf

Vendor Advisory: https://git.kernel.org/stable/c/28a265a1ee11febeec5ea73a804f30dcec3181ca

Restart Required: Yes

Instructions:

1. Update Linux kernel to version containing the fix.
2. Reboot system to load patched kernel.
3. For embedded systems, update kernel from vendor or rebuild with patched source.

🔧 Temporary Workarounds

Disable affected hardware

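Prevent the vulnerable driver from loading by blacklisting or disabling the MediaTek ASoC module. Blacklisting only takes effect when the driver is built as a loadable module, not when it is compiled into the kernel. Run the following as root: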

echo 'blacklist snd-soc-mt8183-da7219-max98357' > /etc/modprobe.d/blacklist-mtk-audio.conf
update-initramfs -u

🧯 If You Can't Patch

  • Monitor kernel memory usage for unusual increases using tools like 'free', 'vmstat', or 'sar'
  • Implement system monitoring to detect and alert on memory exhaustion conditions

🔍 How to Verify

Check if Vulnerable:

Check if system uses MediaTek hardware and has the affected driver loaded: 'lsmod | grep snd_soc_mt8183_da7219_max98357'

Check Version:

uname -r

Verify Fix Applied:

Confirm that the running kernel includes the fix commits: get the version with 'uname -r' and check it against your distribution's patch notes.

📡 Detection & Monitoring

Log Indicators:

  • Kernel oom-killer messages
  • Memory allocation failures in dmesg
  • Driver initialization errors

Network Indicators:

  • None - local vulnerability only

SIEM Query:

source="kernel" AND ("out of memory" OR "oom-killer" OR "mt8183" OR "da7219")
