CVE-2022-49191
📋 TL;DR
This is a memory leak vulnerability in the Linux kernel's mxser serial driver. When the Line Status Register (LSR) returns 0xff during device activation, the driver fails to properly free allocated transmit buffers, leading to gradual memory exhaustion. Systems using affected kernel versions with mxser driver loaded are vulnerable.
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Sustained exploitation could lead to kernel memory exhaustion, causing system instability, denial of service, or potential kernel panic/crash.
Likely Case
Gradual memory consumption over time when specific serial hardware conditions trigger the bug, potentially leading to system performance degradation or application failures.
If Mitigated
Minimal impact with proper monitoring and memory limits in place; system remains functional but may experience resource constraints.
🎯 Exploit Status
Requires specific hardware conditions and driver loading; not a typical remote code execution vulnerability.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Kernel versions containing fixes from provided git commits
Vendor Advisory: https://git.kernel.org/stable/c/125b7c929fc9b1e5eaa344bceb6367dfa6fd3f9d
Restart Required: Yes
Instructions:
1. Update Linux kernel to patched version from your distribution. 2. Reboot system to load new kernel. 3. Verify mxser driver is using patched code.
🔧 Temporary Workarounds
Unload mxser driver
linuxPrevent vulnerability by not loading the affected driver
sudo rmmod mxser
echo 'blacklist mxser' | sudo tee /etc/modprobe.d/blacklist-mxser.conf
🧯 If You Can't Patch
- Disable or remove serial hardware using mxser driver
- Implement memory monitoring and alerting for kernel memory exhaustion
🔍 How to Verify
Check if Vulnerable:
Check if mxser module is loaded: lsmod | grep mxser AND check kernel version against patched versionsCheck Version:
uname -rVerify Fix Applied:
Verify kernel version is updated AND mxser module shows no memory leaks in dmesg📡 Detection & Monitoring
Log Indicators:
- Kernel oops messages
- Out of memory errors in dmesg
- Increasing kernel memory usage
Network Indicators:
- None - local vulnerability only
SIEM Query:
source="kernel" AND ("out of memory" OR "kernel panic" OR "mxser")🔗 References
- https://git.kernel.org/stable/c/125b7c929fc9b1e5eaa344bceb6367dfa6fd3f9d
- https://git.kernel.org/stable/c/2cd05c38a27bee7fb42aa4d43174d68ac55dac0f
- https://git.kernel.org/stable/c/376922045009f8ea2d20a8fa3475e95b47c41690
- https://git.kernel.org/stable/c/685b6d16bf89595310b5d61394c9b97cc9505c7c
- https://git.kernel.org/stable/c/6c9041b2f90c0eace73106f22350e1d2c98f5edc
- https://git.kernel.org/stable/c/6dffc2035fbaada60ca8db59e0962e34f760370a
- https://git.kernel.org/stable/c/996291d06851a26678a0fab488b6e1f0677c0576
- https://git.kernel.org/stable/c/b125b08dbee3611f03f53b71471813ed4ccafcdd
- https://git.kernel.org/stable/c/cd3a4907ee334b40d7aa880c7ab310b154fd5cd4
