CVE-2022-49861 in Linuxinfo

Summary

by MITRE • 05/01/2025

In the Linux kernel, the following vulnerability has been resolved:

dmaengine: mv_xor_v2: Fix a resource leak in mv_xor_v2_remove()

A clk_prepare_enable() call in the probe is not balanced by a corresponding clk_disable_unprepare() in the remove function.

Add the missing call.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Analysis

by VulDB Data Team • 03/14/2026

The vulnerability identified as CVE-2022-49861 affects the Linux kernel's dmaengine subsystem, specifically within the mv_xor_v2 driver implementation. This issue represents a classic resource management flaw that can lead to system instability and potential denial of service conditions. The vulnerability occurs in the device driver responsible for managing memory-mapped DMA operations on Marvell XOR hardware accelerators, which are commonly found in storage and networking applications. The flaw manifests as an imbalance in clock resource handling during device lifecycle operations, creating a scenario where system resources remain allocated indefinitely.

The technical root cause of this vulnerability lies in the improper pairing of clock management functions within the driver's probe and remove callbacks. During the device probe phase, the driver executes a clk_prepare_enable() function call to prepare and enable the clock source required for hardware operations. However, in the corresponding remove function, the driver fails to execute the matching clk_disable_unprepare() call that should disable and clean up the clock resources. This mismatch creates a resource leak where the clock domain remains enabled and prepared, consuming system resources that should be freed during device removal.

This resource leak vulnerability falls under the category of improper resource management as classified by CWE-404, specifically involving clock resource management. The operational impact of this flaw can be significant, particularly in embedded systems or environments where device hotplugging occurs frequently. When multiple devices are repeatedly added and removed, each instance of the bug contributes to progressive resource exhaustion, potentially leading to system instability, performance degradation, or complete system hangs. The vulnerability is particularly concerning in server environments where DMA operations are frequent and hardware resources are tightly managed.

The mitigation for this vulnerability requires a straightforward code fix that involves adding the missing clk_disable_unprepare() call in the mv_xor_v2_remove() function. This ensures proper resource cleanup and maintains the balance between clock preparation and cleanup operations. The fix aligns with established best practices for device driver development and follows the principle of resource management consistency. System administrators should apply the relevant kernel patches immediately, particularly in production environments where device hotplugging occurs frequently or where resource exhaustion could impact system availability. Organizations implementing the ATT&CK framework should consider this vulnerability as part of their device driver security assessments, as it represents a potential vector for resource exhaustion attacks that could be exploited to cause denial of service conditions. The fix demonstrates the importance of maintaining proper resource lifecycle management in kernel space drivers, where even seemingly minor omissions can have significant operational consequences.

Responsible

Linux

Reservation

05/01/2025

Disclosure

05/01/2025

Moderation

accepted

CPE

ready

EPSS

0.00166

KEV

no

Activities

very low

Sources

Want to know what is going to be exploited?

We predict KEV entries!