CVE-2022-50170
📋 TL;DR
This CVE describes a memory leak vulnerability in the Linux kernel's KUnit testing framework. If memory allocation fails during test filtering, a copy of the test suite structure could be leaked, potentially leading to kernel memory exhaustion. This affects systems running vulnerable Linux kernel versions with KUnit enabled.
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
An attacker could trigger repeated memory allocation failures to cause kernel memory exhaustion, leading to system instability, denial of service, or kernel panic.
Likely Case
Memory leak under specific error conditions during KUnit test execution, potentially causing gradual memory consumption and system performance degradation.
If Mitigated
Minimal impact as KUnit is typically used in development/testing environments and not in production systems by default.
🎯 Exploit Status
Exploitation requires triggering specific memory allocation failure conditions during KUnit test filtering, which is complex and requires local access or ability to run KUnit tests.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Fixed in kernel commits: 7d69764fa3442c7615a75c6b5c02eaa1f274bccf, 94681e289bf5d10c9db9db143d1a22d8717205c5, a8a7e3ced362b88b659ab54239990196ff975982
Vendor Advisory: https://git.kernel.org/stable/c/7d69764fa3442c7615a75c6b5c02eaa1f274bccf
Restart Required: Yes
Instructions:
1. Update to a kernel version containing the fix commits. 2. Rebuild kernel if compiling from source. 3. Reboot system to load patched kernel.
🔧 Temporary Workarounds
Disable KUnit
linuxDisable KUnit testing framework in kernel configuration
Disable CONFIG_KUNIT in kernel configuration and rebuild kernel
🧯 If You Can't Patch
- Ensure KUnit is disabled in production systems
- Monitor system memory usage for unusual consumption patterns
🔍 How to Verify
Check if Vulnerable:
Check kernel version and verify if KUnit is enabled: grep CONFIG_KUNIT /boot/config-$(uname -r)Check Version:
uname -rVerify Fix Applied:
Verify kernel version includes fix commits or check if KUnit is disabled📡 Detection & Monitoring
Log Indicators:
- Kernel OOM (Out of Memory) messages
- KUnit test failure logs with memory allocation errors
Network Indicators:
- None - local vulnerability only
SIEM Query:
Search for kernel logs containing 'kunit' and 'memory allocation failure' or 'OOM'