CVE-2022-50352
📋 TL;DR
This is a memory leak vulnerability in the Linux kernel's HNS network driver. When device registration fails during module probing, the kernel doesn't properly clean up allocated memory, leading to resource exhaustion over time. Systems using affected Linux kernel versions with HNS networking hardware are vulnerable.
💻 Affected Systems
- Linux kernel with HNS network driver
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
⚠️ Risk & Real-World Impact
Worst Case
Sustained exploitation could lead to kernel memory exhaustion, causing system instability, crashes, or denial of service through resource depletion.
Likely Case
Memory leak accumulates over time during device registration failures, potentially causing performance degradation or system instability after repeated failures.
If Mitigated
With proper monitoring and patching, impact is limited to temporary resource usage spikes during device registration failures.
🎯 Exploit Status
Exploitation requires the ability to trigger device registration failures, typically through module loading/unloading or fault injection. Not directly remotely exploitable.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Kernel versions with fixes from the provided git commits
Vendor Advisory: https://git.kernel.org/stable/c/02dc0db19d944b4a90941db505ecf1aaec714be4
Restart Required: No
Instructions:
1. Update Linux kernel to version containing fix commits
2. Rebuild kernel if using custom kernel
3. Load updated kernel modules
4. No system restart required for kernel module updates
🔧 Temporary Workarounds
Disable HNS module
Prevent loading of the vulnerable hnae module if HNS hardware is not required
echo 'blacklist hnae' >> /etc/modprobe.d/blacklist.conf
rmmod hnae
🧯 If You Can't Patch
- Monitor kernel memory usage for unusual leaks
- Restrict module loading capabilities to prevent malicious exploitation
🔍 How to Verify
Check if Vulnerable:
Check kernel version and verify if hnae module is loaded: lsmod | grep hnae
Check Version:
uname -r
Verify Fix Applied:
Verify kernel version includes fix commits and test module loading/unloading while monitoring memory
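Added example (not part of the original advisory): a shell check that combines the "is hnae loaded" test above with an audit of the blacklist workaround. It distinguishes a plain `blacklist` line, which only suppresses alias-based autoloading, from an `install` override. The function names and the sample files are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example: classify hnae exposure from module-list text and modprobe.d rules.

# True if the module list ($1: `lsmod` output or /proc/modules) contains hnae.
hnae_loaded() {
    awk '$1 == "hnae" { found = 1 } END { exit !found }' "$1"
}

# Classify the load policy found in a modprobe.d directory ($1).
#   blocked        - "install hnae /bin/false" (or /bin/true): modprobe runs that
#                    command instead of inserting the module
#   blacklist-only - "blacklist hnae": alias-based autoload is suppressed, but an
#                    explicit modprobe or a dependent module can still pull it in
#   unrestricted   - no rule for hnae
hnae_load_policy() {
    dir=$1
    set -- "$dir"/*.conf
    [ -e "$1" ] || { echo unrestricted; return 0; }
    awk '
        $1 ~ /^#/ { next }                       # skip comment lines
        $1 == "install" && $2 == "hnae" && $3 ~ /\/(false|true)$/ { blocked = 1 }
        $1 == "blacklist" && $2 == "hnae" { listed = 1 }
        END {
            if (blocked)     print "blocked"
            else if (listed) print "blacklist-only"
            else             print "unrestricted"
        }' "$@"
}

# Combined verdict: "<loaded|not-loaded>/<policy>".
hnae_exposure() {
    policy=$(hnae_load_policy "$2")
    if hnae_loaded "$1"; then echo "loaded/$policy"; else echo "not-loaded/$policy"; fi
}

# Constructed sample input (not taken from a real host).
sample=$(mktemp -d)
printf '%s\n' 'Module                  Size  Used by' \
              'hnae                   20480  1 example_dependent' > "$sample/lsmod.txt"
mkdir "$sample/modprobe.d"
echo 'blacklist hnae' > "$sample/modprobe.d/blacklist.conf"

hnae_exposure "$sample/lsmod.txt" "$sample/modprobe.d"   # loaded/blacklist-only
# On a live host: hnae_exposure /proc/modules /etc/modprobe.d
```

A result of `loaded/blacklist-only` means the workaround has been written to disk but the module is still resident and can be loaded again on request.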
📡 Detection & Monitoring
Log Indicators:
- Kernel oops messages
- Memory allocation failures in dmesg
- Repeated module load failures
Network Indicators:
- None - this is a local kernel vulnerability
SIEM Query:
source="kernel" AND ("hnae" OR "memory leak" OR "slab error")
🔗 References
- https://git.kernel.org/stable/c/02dc0db19d944b4a90941db505ecf1aaec714be4
- https://git.kernel.org/stable/c/2974f3b330ef25f5d34a4948d04290c2cd7802cf
- https://git.kernel.org/stable/c/3b78453cca046d3b03853f0d077ad3ad130db886
- https://git.kernel.org/stable/c/7ae1345f6ad715acbcdc9e1ac28153684fd498bb
- https://git.kernel.org/stable/c/91f8f5342bee726ed5692583d58f69e7cc9ae60e
- https://git.kernel.org/stable/c/a3c148955c22fe1d94d7a2096005679c1f22eddf
- https://git.kernel.org/stable/c/dfc0337c6dceb6449403b33ecb141f4a1458a1e9
- https://git.kernel.org/stable/c/ff2f5ec5d009844ec28f171123f9e58750cef4bf