CVE-2022-50278

5.5 MEDIUM

📋 TL;DR

This CVE describes a memory leak vulnerability in the Linux kernel's PNP subsystem. When the pnp_alloc_dev() function fails after device name allocation, the dynamically allocated name memory isn't properly freed, leading to kernel memory exhaustion over time. This affects all Linux systems using the PNP subsystem.
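The error-path pattern described above, as an added userspace model rather than the kernel's own code: every name in it (model_alloc, alloc_dev_leaky, alloc_dev_fixed, the name format) is hypothetical, and the corrected variant shows one way to close such a leak, not necessarily the upstream change.

```c
#include <stdio.h>
#include <stdlib.h>
/* Userspace model only; none of these names are kernel APIs. */
static long live_allocs;                       /* allocations not yet freed */
static void *model_alloc(size_t n) { void *p = calloc(1, n); if (p) live_allocs++; return p; }
static void model_free(void *p) { if (p) { live_allocs--; free(p); } }
struct model_dev { char *name; void *id; };
/* Stand-in for the step that follows naming; fail_id forces it to fail. */
static void *model_add_id(int fail_id) { return fail_id ? NULL : model_alloc(16); }
/* Allocate the device and its heap-allocated name (constructed format). */
static struct model_dev *dev_with_name(unsigned num) {
    struct model_dev *dev = model_alloc(sizeof(*dev));
    if (!dev) return NULL;
    dev->name = model_alloc(8);
    if (!dev->name) { model_free(dev); return NULL; }
    snprintf(dev->name, 8, "%02x:%02x", 0u, num & 0xffu);
    return dev;
}

/* Leaky shape: the error path frees dev but not dev->name. */
struct model_dev *alloc_dev_leaky(unsigned num, int fail_id) {
    struct model_dev *dev = dev_with_name(num);
    if (!dev) return NULL;
    dev->id = model_add_id(fail_id);
    if (!dev->id) { model_free(dev); return NULL; }   /* name leaks here */
    return dev;
}

/* Corrected shape: the same error path also releases the name. */
struct model_dev *alloc_dev_fixed(unsigned num, int fail_id) {
    struct model_dev *dev = dev_with_name(num);
    if (!dev) return NULL;
    dev->id = model_add_id(fail_id);
    if (!dev->id) { model_free(dev->name); model_free(dev); return NULL; }
    return dev;
}

void free_dev(struct model_dev *d) { if (d) { model_free(d->id); model_free(d->name); model_free(d); } }
/* Allocations left behind by n forced failures of one allocator. */
long leaked_after(struct model_dev *(*alloc)(unsigned, int), unsigned n) {
    long before = live_allocs;
    for (unsigned i = 0; i < n; i++) alloc(i, 1);
    return live_allocs - before;
}

int main(void) {
    printf("leaky=%ld fixed=%ld\n", leaked_after(alloc_dev_leaky, 1000), leaked_after(alloc_dev_fixed, 1000));
    return 0;
}
```

Each forced failure in the leaky variant strands exactly one name allocation, which is why the impact accumulates only when the failure is hit repeatedly.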

💻 Affected Systems

Products:
  • Linux kernel
Versions: Versions containing the vulnerable code between commit 1fa5ae857bb1 and the fix commits
Operating Systems: All Linux distributions using affected kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: Requires PNP subsystem usage; vulnerability triggers when pnp_alloc_dev() fails after device name allocation.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →


⚠️ Risk & Real-World Impact

🔴 Worst Case

Sustained exploitation could lead to kernel memory exhaustion, causing system instability, denial of service, or potential kernel panic/crash.

🟠 Likely Case

Gradual memory leak leading to degraded system performance over time, potentially requiring system reboot to recover memory.

🟢 If Mitigated

With proper monitoring and memory limits, impact is limited to performance degradation rather than complete system failure.

🌐 Internet-Facing: LOW - This requires local access or kernel-level compromise to trigger repeatedly for meaningful impact.
🏢 Internal Only: MEDIUM - Internal users or processes with appropriate privileges could trigger this vulnerability, leading to system instability.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires triggering the specific failure condition in pnp_alloc_dev() repeatedly to cause memory exhaustion.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Fixed in kernel commits: 110d7b0325c55ff3620073ba4201845f59e22ebf, 1f50c7497a5f89de0c31f2edf086af41ff834320, 290dd73b943c95c006df973257076ff163adf4d0, 693a0c13c1f0c0fcaa1e38cb806cc0789bd415aa, 81b024df4755e6bb6993b786584eca6eabbb9791

Vendor Advisory: https://git.kernel.org/stable/c/110d7b0325c55ff3620073ba4201845f59e22ebf

Restart Required: Yes

Instructions:

1. Update Linux kernel to version containing the fix commits.
2. Reboot system to load new kernel.
3. Verify kernel version after reboot.

🔧 Temporary Workarounds

Disable PNP subsystem

Linux

Disable the PNP subsystem if not required for your hardware configuration

echo "blacklist pnp" > /etc/modprobe.d/blacklist-pnp.conf
update-initramfs -u
reboot

🧯 If You Can't Patch

  • Implement kernel memory monitoring and alerting for unusual memory consumption patterns
  • Restrict user/process access to PNP device operations through SELinux/AppArmor policies

🔍 How to Verify

Check if Vulnerable:

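Check the kernel version and compare it with the affected commit range. Run the git command from a git checkout of the source tree the running kernel was built from; no output from grep means none of the fix commits is present:

uname -r && git log --oneline | grep -E "(110d7b0|1f50c74|290dd73|693a0c1|81b024d)"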

Check Version:

uname -r

Verify Fix Applied:

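Verify that the kernel version includes one of the fix commits. /proc/config.gz holds the kernel build configuration and never contains commit hashes, so search the commit history of the source tree the running kernel was built from instead:

uname -r && git log --format=%H | grep -E "(110d7b0325c55ff3620073ba4201845f59e22ebf|1f50c7497a5f89de0c31f2edf086af41ff834320|290dd73b943c95c006df973257076ff163adf4d0|693a0c13c1f0c0fcaa1e38cb806cc0789bd415aa|81b024df4755e6bb6993b786584eca6eabbb9791)"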

📡 Detection & Monitoring

Log Indicators:

  • Kernel oom-killer messages
  • Memory allocation failures in dmesg
  • PNP subsystem error messages

Network Indicators:

  • None - this is a local kernel vulnerability

SIEM Query:

source="kernel" AND ("out of memory" OR "oom-killer" OR "pnp_alloc_dev" OR "memory allocation failure")
