CVE-2022-49784 in Linuxinfo

Summary

by MITRE • 05/01/2025

In the Linux kernel, the following vulnerability has been resolved:

perf/x86/amd/uncore: Fix memory leak for events array

When a CPU comes online, the per-CPU NB and LLC uncore contexts are freed but not the events array within the context structure. This causes a memory leak as identified by the kmemleak detector.

[...]
unreferenced object 0xffff8c5944b8e320 (size 32): comm "swapper/0", pid 1, jiffies 4294670387 (age 151.072s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [<000000000759fb79>] amd_uncore_cpu_up_prepare+0xaf/0x230
[<00000000ddc9e126>] cpuhp_invoke_callback+0x2cf/0x470
[<0000000093e727d4>] cpuhp_issue_call+0x14d/0x170
[<0000000045464d54>] __cpuhp_setup_state_cpuslocked+0x11e/0x330
[<0000000069f67cbd>] __cpuhp_setup_state+0x6b/0x110
[<0000000015365e0f>] amd_uncore_init+0x260/0x321
[<00000000089152d2>] do_one_initcall+0x3f/0x1f0
[<000000002d0bd18d>] kernel_init_freeable+0x1ca/0x212
[<0000000030be8dde>] kernel_init+0x11/0x120
[<0000000059709e59>] ret_from_fork+0x22/0x30
unreferenced object 0xffff8c5944b8dd40 (size 64): comm "swapper/0", pid 1, jiffies 4294670387 (age 151.072s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [<00000000306efe8b>] amd_uncore_cpu_up_prepare+0x183/0x230
[<00000000ddc9e126>] cpuhp_invoke_callback+0x2cf/0x470
[<0000000093e727d4>] cpuhp_issue_call+0x14d/0x170
[<0000000045464d54>] __cpuhp_setup_state_cpuslocked+0x11e/0x330
[<0000000069f67cbd>] __cpuhp_setup_state+0x6b/0x110
[<0000000015365e0f>] amd_uncore_init+0x260/0x321
[<00000000089152d2>] do_one_initcall+0x3f/0x1f0
[<000000002d0bd18d>] kernel_init_freeable+0x1ca/0x212
[<0000000030be8dde>] kernel_init+0x11/0x120
[<0000000059709e59>] ret_from_fork+0x22/0x30
[...]

Fix the problem by freeing the events array before freeing the uncore context.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Analysis

by VulDB Data Team • 12/19/2025

The vulnerability identified as CVE-2022-49784 represents a memory leak within the Linux kernel's performance monitoring subsystem, specifically affecting x86 processors with AMD uncore components. This issue manifests when CPU cores transition online, creating a persistent memory allocation that cannot be reclaimed by the system's memory manager. The flaw resides in the amd_uncore_cpu_up_prepare function which handles the preparation of uncore performance monitoring contexts for CPU hotplug operations. When a CPU comes online, the system correctly frees the per-CPU Northbridge (NB) and Last Level Cache (LLC) uncore contexts but fails to properly release the associated events array within these context structures. This oversight results in memory fragments that remain allocated and unreferenced, ultimately leading to gradual memory consumption over time.

The technical implementation of this vulnerability stems from improper resource management within the kernel's performance monitoring framework. The events array contains performance monitoring event descriptors that are allocated during the initialization of uncore contexts but are not freed during the cleanup phase when CPU cores are brought online. This memory leak occurs through the kernel's memory leak detection system known as kmemleak, which identified two distinct memory blocks of 32 and 64 bytes respectively. The backtrace shows the leak originates from the amd_uncore_cpu_up_prepare function, which is part of the CPU hotplug callback mechanism that manages the lifecycle of CPU cores. The affected code path demonstrates a classic memory management error where allocated resources are not properly deallocated during state transitions, following the pattern of improper resource cleanup that aligns with CWE-404, which describes improper resource management.

The operational impact of this vulnerability extends beyond simple memory consumption, potentially leading to system instability and performance degradation over extended periods of operation. While individual memory leaks may appear insignificant, in systems with frequent CPU hotplug operations or long uptime periods, these accumulated leaks can contribute to memory pressure and affect overall system responsiveness. The vulnerability affects systems utilizing AMD processors with uncore performance monitoring capabilities, particularly those implementing CPU hotplug functionality. The memory leak could compound with other system memory pressures, potentially leading to memory allocation failures or system slowdowns that impact critical workloads. The issue demonstrates the importance of proper resource cleanup in kernel space, where memory management errors can persist for extended periods without immediate user-facing symptoms.

The fix for this vulnerability involves modifying the amd_uncore_cpu_up_prepare function to ensure that the events array is freed before the uncore context structure itself is released. This approach follows established kernel memory management best practices and addresses the root cause of the resource leak by implementing proper cleanup ordering. The solution aligns with ATT&CK framework technique T1070.004, which covers "Indicator Removal on Host: File Deletion," as it involves proper cleanup of allocated resources. Additionally, this fix demonstrates adherence to CWE-404's principle of proper resource management, ensuring that all allocated memory is properly deallocated during resource lifecycle transitions. The patch ensures that when CPU cores transition online, all associated memory allocations including the events array are properly released, preventing the accumulation of memory leaks. This remediation approach is consistent with kernel development practices that emphasize memory safety and resource lifecycle management, particularly in subsystems that handle performance monitoring and CPU hotplug operations.

Responsible

Linux

Reservation

05/01/2025

Disclosure

05/01/2025

Moderation

accepted

CPE

ready

EPSS

0.00140

KEV

no

Activities

very low

Sources

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!