CVE-2022-49817 in Linuxinfo

Summary

by MITRE • 05/01/2025

In the Linux kernel, the following vulnerability has been resolved:

net: mhi: Fix memory leak in mhi_net_dellink()

MHI driver registers network device without setting the needs_free_netdev flag, and does NOT call free_netdev() when unregisters network device, which causes a memory leak.

This patch calls free_netdev() to fix it since netdev_priv is used after unregister.

Be aware that VulDB is the high quality source for vulnerability data.

Analysis

by VulDB Data Team • 11/07/2025

The vulnerability CVE-2022-49817 represents a memory leak issue within the Linux kernel's Mobile Harness Interface (MHI) driver subsystem, specifically affecting the mhi_net_dellink() function. This flaw exists in the network device management component of the MHI driver which is responsible for handling mobile hardware interfaces in embedded systems and automotive applications. The MHI driver serves as a critical interface between mobile communication hardware and the Linux networking stack, enabling devices to communicate through various mobile network protocols and interfaces.

The technical root cause of this vulnerability stems from improper memory management practices within the MHI network driver implementation. When the mhi_net_dellink() function processes network device removal operations, it fails to properly clean up allocated memory resources. The driver registers network devices without setting the needs_free_netdev flag, which is a standard mechanism in the Linux kernel networking subsystem that indicates to the kernel that it should automatically manage the cleanup of network device private data structures. This omission prevents the kernel from automatically invoking the necessary cleanup routines, specifically the free_netdev() function, when network devices are unregistered from the system.

The operational impact of this memory leak manifests as progressive memory consumption within the kernel space, potentially leading to system instability, reduced performance, or even system crashes under sustained network activity. The vulnerability affects systems utilizing MHI drivers for mobile communication interfaces, particularly those in automotive, industrial, or embedded computing environments where continuous network operations are common. The leak occurs because netdev_priv() memory allocations are accessed after unregister operations, creating a scenario where allocated memory blocks remain unreleased and unavailable for reuse, effectively causing a resource exhaustion condition over time.

This vulnerability maps directly to CWE-401, which identifies improper memory management as a critical weakness in software systems. The flaw demonstrates a classic memory leak pattern where allocated resources are not properly released during the normal lifecycle of network device operations. From an ATT&CK framework perspective, this vulnerability could be leveraged by adversaries to perform resource exhaustion attacks against systems running affected kernel versions, potentially leading to denial of service conditions that impact system availability. The issue is particularly concerning in automotive environments where MHI drivers are used for telematics and communication systems, as memory leaks could compromise vehicle network reliability and safety-critical operations.

The fix implemented in this patch addresses the vulnerability by explicitly calling free_netdev() within the mhi_net_dellink() function to ensure proper memory cleanup during network device removal operations. This approach aligns with established kernel development practices for managing network device resources and follows the standard pattern of ensuring that all memory allocated for network device private data structures is properly released when devices are unregistered. System administrators should apply the relevant kernel updates containing this patch to address the vulnerability, particularly in environments where continuous network operations are performed or where memory resource constraints are critical. The resolution demonstrates the importance of proper resource management practices in kernel-level drivers and highlights the need for comprehensive testing of network device lifecycle operations to prevent similar memory management issues.

Responsible

Linux

Reservation

05/01/2025

Disclosure

05/01/2025

Moderation

accepted

CPE

ready

EPSS

0.00164

KEV

no

Activities

very low

Sources

Want to know what is going to be exploited?

We predict KEV entries!