{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2022-49902", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-05-01T14:05:17.245Z", "datePublished": "2025-05-01T14:10:47.608Z", "dateUpdated": "2025-05-04T08:48:18.878Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T08:48:18.878Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: Fix possible memory leak for rq_wb on add_disk failure\n\nkmemleak reported memory leaks in device_add_disk():\n\nkmemleak: 3 new suspected memory leaks\n\nunreferenced object 0xffff88800f420800 (size 512):\n comm \"modprobe\", pid 4275, jiffies 4295639067 (age 223.512s)\n hex dump (first 32 bytes):\n 04 00 00 00 08 00 00 00 01 00 00 00 00 00 00 00 ................\n 00 e1 f5 05 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace:\n [<00000000d3662699>] kmalloc_trace+0x26/0x60\n [<00000000edc7aadc>] wbt_init+0x50/0x6f0\n [<0000000069601d16>] wbt_enable_default+0x157/0x1c0\n [<0000000028fc393f>] blk_register_queue+0x2a4/0x420\n [<000000007345a042>] device_add_disk+0x6fd/0xe40\n [<0000000060e6aab0>] nbd_dev_add+0x828/0xbf0 [nbd]\n ...\n\nIt is because the memory allocated in wbt_enable_default() is not\nreleased in device_add_disk() error path.\nNormally, these memory are freed in:\n\ndel_gendisk()\n rq_qos_exit()\n rqos->ops->exit(rqos);\n wbt_exit()\n\nSo rq_qos_exit() is called to free the rq_wb memory for wbt_init().\nHowever in the error path of device_add_disk(), only\nblk_unregister_queue() is called and make rq_wb memory leaked.\n\nAdd rq_qos_exit() to the error path to fix it."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["block/genhd.c"], "versions": [{"version": "83cbce9574462c6b4eed6797bdaf18fae6859ab3", "lessThan": "4e68c5da60cd79950bd56287ae80b39d6261f995", "status": "affected", "versionType": "git"}, {"version": "83cbce9574462c6b4eed6797bdaf18fae6859ab3", "lessThan": "528677d3b4af985445bd4ac667485ded1ed11220", "status": "affected", "versionType": "git"}, {"version": "83cbce9574462c6b4eed6797bdaf18fae6859ab3", "lessThan": "fa81cbafbf5764ad5053512152345fab37a1fe18", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["block/genhd.c"], "versions": [{"version": "5.15", "status": "affected"}, {"version": "0", "lessThan": "5.15", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.78", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.0.8", "lessThanOrEqual": "6.0.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.15", "versionEndExcluding": "5.15.78"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.15", "versionEndExcluding": "6.0.8"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.15", "versionEndExcluding": "6.1"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/4e68c5da60cd79950bd56287ae80b39d6261f995"}, {"url": "https://git.kernel.org/stable/c/528677d3b4af985445bd4ac667485ded1ed11220"}, {"url": "https://git.kernel.org/stable/c/fa81cbafbf5764ad5053512152345fab37a1fe18"}], "title": "block: Fix possible memory leak for rq_wb on add_disk failure", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "8F6D7999-4597-4115-9540-B15A0C26C955", "versionEndExcluding": "5.15.78", "versionStartIncluding": "5.15", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "EC9A754E-625D-42F3-87A7-960D643E2867", "versionEndExcluding": "6.0.8", "versionStartIncluding": "5.16", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc1:*:*:*:*:*:*", "matchCriteriaId": "E7E331DA-1FB0-4DEC-91AC-7DA69D461C11", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc2:*:*:*:*:*:*", "matchCriteriaId": "17F0B248-42CF-4AE6-A469-BB1BAE7F4705", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc3:*:*:*:*:*:*", "matchCriteriaId": "E2422816-0C14-4B5E-A1E6-A9D776E5C49B", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: Fix possible memory leak for rq_wb on add_disk failure\n\nkmemleak reported memory leaks in device_add_disk():\n\nkmemleak: 3 new suspected memory leaks\n\nunreferenced object 0xffff88800f420800 (size 512):\n comm \"modprobe\", pid 4275, jiffies 4295639067 (age 223.512s)\n hex dump (first 32 bytes):\n 04 00 00 00 08 00 00 00 01 00 00 00 00 00 00 00 ................\n 00 e1 f5 05 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace:\n [<00000000d3662699>] kmalloc_trace+0x26/0x60\n [<00000000edc7aadc>] wbt_init+0x50/0x6f0\n [<0000000069601d16>] wbt_enable_default+0x157/0x1c0\n [<0000000028fc393f>] blk_register_queue+0x2a4/0x420\n [<000000007345a042>] device_add_disk+0x6fd/0xe40\n [<0000000060e6aab0>] nbd_dev_add+0x828/0xbf0 [nbd]\n ...\n\nIt is because the memory allocated in wbt_enable_default() is not\nreleased in device_add_disk() error path.\nNormally, these memory are freed in:\n\ndel_gendisk()\n rq_qos_exit()\n rqos->ops->exit(rqos);\n wbt_exit()\n\nSo rq_qos_exit() is called to free the rq_wb memory for wbt_init().\nHowever in the error path of device_add_disk(), only\nblk_unregister_queue() is called and make rq_wb memory leaked.\n\nAdd rq_qos_exit() to the error path to fix it."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: bloque: Reparar posible p\u00e9rdida de memoria para rq_wb en caso de error de add_disk kmemleak inform\u00f3 p\u00e9rdidas de memoria en device_add_disk(): kmemleak: 3 nuevas p\u00e9rdidas de memoria sospechosas objeto no referenciado 0xffff88800f420800 (tama\u00f1o 512): comm \"modprobe\", pid 4275, jiffies 4295639067 (edad 223.512s) volcado hexadecimal (primeros 32 bytes): 04 00 00 00 08 00 00 00 01 00 00 00 00 00 00 00 00 ................ 00 e1 f5 05 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [&lt;00000000d3662699&gt;] kmalloc_trace+0x26/0x60 [&lt;00000000edc7aadc&gt;] wbt_init+0x50/0x6f0 [&lt;0000000069601d16&gt;] wbt_enable_default+0x157/0x1c0 [&lt;0000000028fc393f&gt;] blk_register_queue+0x2a4/0x420 [&lt;000000007345a042&gt;] device_add_disk+0x6fd/0xe40 [&lt;0000000060e6aab0&gt;] nbd_dev_add+0x828/0xbf0 [nbd] ... Esto se debe a que la memoria asignada en wbt_enable_default() no se libera en la ruta de error device_add_disk(). Normalmente, esta memoria se libera en: del_gendisk() rq_qos_exit() rqos-&gt;ops-&gt;exit(rqos); wbt_exit(). Por lo tanto, se llama a rq_qos_exit() para liberar la memoria rq_wb para wbt_init(). Sin embargo, en la ruta de error de device_add_disk(), solo se llama a blk_unregister_queue(), lo que provoca una fuga de memoria en rq_wb. Agregue rq_qos_exit() a la ruta de error para corregirlo."}], "id": "CVE-2022-49902", "lastModified": "2025-05-07T13:30:42.970", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "[email protected]", "type": "Primary"}]}, "published": "2025-05-01T15:16:15.270", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/4e68c5da60cd79950bd56287ae80b39d6261f995"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/528677d3b4af985445bd4ac667485ded1ed11220"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/fa81cbafbf5764ad5053512152345fab37a1fe18"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-401"}], "source": "[email protected]", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: block: Fix possible memory leak for rq_wb on add_disk failure", "id": "2363385", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2363385"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "details": ["In the Linux kernel, the following vulnerability has been resolved:\nblock: Fix possible memory leak for rq_wb on add_disk failure\nkmemleak reported memory leaks in device_add_disk():\nkmemleak: 3 new suspected memory leaks\nunreferenced object 0xffff88800f420800 (size 512):\ncomm \"modprobe\", pid 4275, jiffies 4295639067 (age 223.512s)\nhex dump (first 32 bytes):\n04 00 00 00 08 00 00 00 01 00 00 00 00 00 00 00 ................\n00 e1 f5 05 00 00 00 00 00 00 00 00 00 00 00 00 ................\nbacktrace:\n[<00000000d3662699>] kmalloc_trace+0x26/0x60\n[<00000000edc7aadc>] wbt_init+0x50/0x6f0\n[<0000000069601d16>] wbt_enable_default+0x157/0x1c0\n[<0000000028fc393f>] blk_register_queue+0x2a4/0x420\n[<000000007345a042>] device_add_disk+0x6fd/0xe40\n[<0000000060e6aab0>] nbd_dev_add+0x828/0xbf0 [nbd]\n...\nIt is because the memory allocated in wbt_enable_default() is not\nreleased in device_add_disk() error path.\nNormally, these memory are freed in:\ndel_gendisk()\nrq_qos_exit()\nrqos->ops->exit(rqos);\nwbt_exit()\nSo rq_qos_exit() is called to free the rq_wb memory for wbt_init().\nHowever in the error path of device_add_disk(), only\nblk_unregister_queue() is called and make rq_wb memory leaked.\nAdd rq_qos_exit() to the error path to fix it."], "name": "CVE-2022-49902", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-05-01T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2022-49902\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-49902\nhttps://lore.kernel.org/linux-cve-announce/2025050102-CVE-2022-49902-59fe@gregkh/T"], "threat_severity": "Moderate"}