2348127 – (CVE-2022-49549) CVE-2022-49549 kernel: x86/MCE/AMD: Fix memory leak when threshold_create_bank() fails

Bug 2348127 (CVE-2022-49549) - CVE-2022-49549 kernel: x86/MCE/AMD: Fix memory leak when threshold_create_bank() fails

Summary: CVE-2022-49549 kernel: x86/MCE/AMD: Fix memory leak when threshold_create_ban...

Keywords:
Status:	NEW
Alias:	CVE-2022-49549
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	low
Severity:	low
Target Milestone:	---
Assignee:	Product Security DevOps Team
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2025-02-26 03:18 UTC by OSIDB Bzimport
Modified:	2025-03-24 16:12 UTC (History)
CC List:	4 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description OSIDB Bzimport 2025-02-26 03:18:33 UTC

In the Linux kernel, the following vulnerability has been resolved:

x86/MCE/AMD: Fix memory leak when threshold_create_bank() fails

In mce_threshold_create_device(), if threshold_create_bank() fails, the
previously allocated threshold banks array @bp will be leaked because
the call to mce_threshold_remove_device() will not free it.

This happens because mce_threshold_remove_device() fetches the pointer
through the threshold_banks per-CPU variable but bp is written there
only after the bank creation is successful, and not before, when
threshold_create_bank() fails.

Add a helper which unwinds all the bank creation work previously done
and pass into it the previously allocated threshold banks array for
freeing.

  [ bp: Massage. ]

Comment 1 Avinash Hanwate 2025-02-27 07:56:35 UTC

Upstream advisory:
https://lore.kernel.org/linux-cve-announce/2025022615-CVE-2022-49549-db30@gregkh/T

Note You need to log in before you can comment on or make changes to this bug.