CVE-2022-49982
📋 TL;DR
This CVE describes a memory leak vulnerability in the Linux kernel's pvrusb2 media driver. When the pvr_probe function fails during device initialization, it doesn't properly clean up v4l2 device registration, leading to a memory leak. This affects Linux systems using the pvrusb2 driver for Hauppauge PVR USB2 devices.
💻 Affected Systems
- Linux kernel pvrusb2 driver
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Sustained exploitation could lead to kernel memory exhaustion, causing system instability, crashes, or denial of service.
Likely Case
Memory leak accumulates over time when USB device initialization fails repeatedly, potentially leading to system performance degradation.
If Mitigated
With proper monitoring and memory limits, impact is limited to occasional memory pressure without system compromise.
🎯 Exploit Status
Exploitation requires ability to trigger USB device initialization failures repeatedly. Not a privilege escalation or remote code execution vulnerability.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Fixed in Linux kernel stable releases containing commits: 2fe46195d2f0d5d09ea65433aefe47a4d0d0ff4d, 466b67c0543b2ae67814d053f6e29b39be6b33bb, 491762b3250fb06a0c97b5198656ea48359eaeed, 945a9a8e448b65bec055d37eba58f711b39f66f0, ba7dd8a9686a61a34b3a7b922ce721378d4740d0
Vendor Advisory: https://git.kernel.org/stable/c/2fe46195d2f0d5d09ea65433aefe47a4d0d0ff4d
Restart Required: Yes
Instructions:
1. Update Linux kernel to version containing the fix commits. 2. For distributions: Use package manager (apt/yum/dnf) to update kernel package. 3. Reboot system to load new kernel.
🔧 Temporary Workarounds
Disable pvrusb2 driver
linuxPrevent loading of vulnerable driver if not needed
echo 'blacklist pvrusb2' >> /etc/modprobe.d/blacklist.conf
rmmod pvrusb2
Prevent USB device binding
linuxStop specific USB devices from binding to vulnerable driver
echo 'SUBSYSTEM=="usb", ATTR{idVendor}=="2040", ATTR{idProduct}=="c200", RUN+="/bin/sh -c 'echo -n $kernel > /sys/bus/usb/drivers/pvrusb2/unbind'"' > /etc/udev/rules.d/99-disable-pvrusb2.rules
udevadm control --reload-rules
🧯 If You Can't Patch
- Monitor kernel memory usage and restart system if memory pressure increases
- Avoid using Hauppauge PVR USB2 devices or ensure they initialize successfully
🔍 How to Verify
Check if Vulnerable:
Check if pvrusb2 module is loaded: lsmod | grep pvrusb2. Check kernel version against distribution security advisories.Check Version:
uname -rVerify Fix Applied:
Verify kernel version includes fix commits. Check dmesg for pvrusb2 initialization errors and monitor memory usage.📡 Detection & Monitoring
Log Indicators:
- dmesg | grep -i 'pvrusb2\|memory leak'
- kernel logs showing repeated USB device initialization failures
Network Indicators:
- None - local vulnerability only
SIEM Query:
source="kernel" AND ("pvrusb2" OR "pvr_probe") AND ("error" OR "failed" OR "leak")🔗 References
- https://git.kernel.org/stable/c/2fe46195d2f0d5d09ea65433aefe47a4d0d0ff4d
- https://git.kernel.org/stable/c/466b67c0543b2ae67814d053f6e29b39be6b33bb
- https://git.kernel.org/stable/c/491762b3250fb06a0c97b5198656ea48359eaeed
- https://git.kernel.org/stable/c/945a9a8e448b65bec055d37eba58f711b39f66f0
- https://git.kernel.org/stable/c/ba7dd8a9686a61a34b3a7b922ce721378d4740d0
- https://git.kernel.org/stable/c/bacb37bdc2a21c8f7fdc83dcc0dea2f4ca1341fb
- https://git.kernel.org/stable/c/c02d2a91a85c4c4d05826cd1ea74a9b8d42e4280
- https://git.kernel.org/stable/c/f2f6e67522916f53ad8ccd4dbe68dcf76e9776e5
