CVE-2022-49210

5.5 MEDIUM

📋 TL;DR

A memory leak vulnerability in the Linux kernel's MIPS architecture pgd_free() function can cause gradual memory exhaustion when systems use multiple pages for page global directory tables. This affects Linux systems with specific MIPS configurations, potentially leading to denial of service.

💻 Affected Systems

Products:
  • Linux Kernel
Versions: Versions before the fix commits (specific versions vary by distribution)
Operating Systems: Linux distributions with MIPS architecture support
Default Config Vulnerable: ✅ No
Notes: Only affects systems with specific MIPS configurations: 64-bit systems with PAGE_SIZE_4KB enabled and MIPS_VA_BITS_48 not enabled. x86_64 and other non-MIPS systems are not affected.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete system memory exhaustion leading to kernel panic and system crash, requiring physical reboot.

🟠 Likely Case

Gradual performance degradation over time as available memory decreases, eventually causing application failures or system instability.

🟢 If Mitigated

Minimal impact if memory monitoring is in place and systems are regularly rebooted before exhaustion occurs.

🌐 Internet-Facing: LOW - Requires local access or existing system compromise to trigger the memory leak.
🏢 Internal Only: MEDIUM - Could be exploited by malicious users or malware with local access to degrade system performance.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW - Simply executing commands that trigger page table operations can cause the leak.

Exploitation requires local access to trigger the vulnerable code path. No authentication bypass or privilege escalation is involved.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Fixed in kernel commits: 1bf0d78c8cc3cf615a6e7bf33ada70b73592f0a1, 2bc5bab9a763d520937e4f3fe8df51c6a1eceb97, 5a8501d34b261906e4c76ec9da679f2cb4d309ed, d29cda15cab086d82d692de016f7249545d4b6b4, fa3d44424579972cc7c4fac3d9cf227798ebdfa0

Vendor Advisory: https://git.kernel.org/stable/c/1bf0d78c8cc3cf615a6e7bf33ada70b73592f0a1

Restart Required: Yes

Instructions:

1. Update the Linux kernel to a version containing the fix commits.
2. Check with your distribution for backported patches.
3. Reboot the system after the kernel update.

🔧 Temporary Workarounds

Regular System Reboot

Schedule regular reboots to clear accumulated memory leaks before exhaustion occurs.

sudo reboot

Memory Monitoring and Alerting

Implement monitoring to detect abnormal memory consumption patterns and alert administrators.

# Monitor memory usage
watch -n 60 'free -m'
# Set up monitoring with tools like Nagios, Zabbix, or Prometheus
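
An added example (not part of the original advisory) that turns the manual `free -m` watch into a trend check: it fits a line to MemAvailable samples and reports the projected hours until exhaustion, so a slow leak is flagged well before the OOM killer fires. The log file argument, the 48-sample window and the 72-hour alert threshold are assumptions.

```shell
#!/bin/sh
# Added example: estimate time-to-exhaustion from MemAvailable samples.

# mem_sample: print "epoch_seconds MemAvailable_kB" for the current moment.
mem_sample() {
    printf '%s %s\n' "$(date +%s)" \
        "$(awk '/^MemAvailable:/ { print $2 }' /proc/meminfo)"
}

# leak_eta_hours: read samples on stdin, fit a least-squares line, and print
# the hours (rounded) until the fitted MemAvailable reaches zero. Prints
# "none" with fewer than 3 samples or when memory is not trending down.
leak_eta_hours() {
    awk 'NF == 2 {
             if (n == 0) t0 = $1
             x = $1 - t0              # offsets keep the sums well-conditioned
             n++; sx += x; sy += $2; sxx += x * x; sxy += x * $2; last = x
         }
         END {
             d = n * sxx - sx * sx
             if (n < 3 || d == 0) { print "none"; exit }
             slope = (n * sxy - sx * sy) / d       # kB per second
             if (slope >= 0) { print "none"; exit }
             fitted = (sy - slope * sx) / n + slope * last
             if (fitted < 0) fitted = 0
             printf "%.0f\n", fitted / -slope / 3600
         }'
}

# Cron entry point (assumed usage): script.sh LOGFILE [ALERT_HOURS]
# Appends one sample, then warns via syslog if exhaustion is projected soon.
if [ -n "${1:-}" ]; then
    mem_sample >> "$1"
    eta=$(tail -n 48 "$1" | leak_eta_hours)
    if [ "$eta" != none ] && [ "$eta" -lt "${2:-72}" ]; then
        logger -p user.warning "MemAvailable trend: ~${eta}h to exhaustion"
    fi
fi
```

Run hourly from cron, the 48-sample window covers two days, which smooths out normal workload swings.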

🧯 If You Can't Patch

  • Implement strict access controls to limit local user access to vulnerable systems
  • Deploy memory monitoring with automated alerts for abnormal consumption patterns

🔍 How to Verify

Check if Vulnerable:

Check the kernel version with 'uname -r', then verify whether the system runs the affected MIPS configuration: a 64-bit kernel with PAGE_SIZE_4KB enabled and MIPS_VA_BITS_48 disabled.
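
The configuration check above as a script; this is an added example, not part of the original advisory. It assumes the kernel config is readable at /proc/config.gz or /boot/config-<release>, and it only tests the configuration precondition, not whether the fix commits are present.

```shell
#!/bin/sh
# Added example: classify a kernel config against the affected configuration
# named in the advisory (MIPS, 64-bit, PAGE_SIZE_4KB=y, MIPS_VA_BITS_48 unset).

# has_y SYMBOL: true when the config text in $cfg_text sets CONFIG_SYMBOL=y.
has_y() {
    printf '%s\n' "$cfg_text" | grep -q "^CONFIG_$1=y\$"
}

# pgd_leak_config_status: read a kernel config on stdin and print one of
#   affected-config | not-affected-config | unknown (no config available)
pgd_leak_config_status() {
    cfg_text=$(cat)
    if [ -z "$cfg_text" ]; then
        echo unknown
        return 0
    fi
    # Non-MIPS kernels do not build the MIPS pgd_free() path at all.
    if has_y MIPS && has_y 64BIT && has_y PAGE_SIZE_4KB &&
       ! has_y MIPS_VA_BITS_48; then
        echo affected-config
    else
        echo not-affected-config
    fi
}

# running_kernel_config: emit the running kernel's config, or nothing when
# neither common location is readable.
running_kernel_config() {
    if [ -r /proc/config.gz ]; then
        gzip -dc /proc/config.gz
    elif [ -r "/boot/config-$(uname -r)" ]; then
        cat "/boot/config-$(uname -r)"
    fi
}

echo "$(uname -r): $(running_kernel_config | pgd_leak_config_status)"
```

An `affected-config` result means the kernel still has to be checked against the fix commits listed under Official Fix.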

Check Version:

uname -r

Verify Fix Applied:

Run 'uname -r' and check the kernel changelog for the specific fix commit hashes to confirm that the running kernel includes them.

📡 Detection & Monitoring

Log Indicators:

  • Kernel oom-killer messages
  • System log entries showing memory exhaustion
  • Application failures due to out-of-memory conditions

Network Indicators:

  • None - this is a local memory management issue

SIEM Query:

source="kernel" AND ("Out of memory" OR "oom-killer" OR "memory allocation failure")
