CVE-2022-49887 in Linuxinfo

Summary

by MITRE • 05/01/2025

In the Linux kernel, the following vulnerability has been resolved:

media: meson: vdec: fix possible refcount leak in vdec_probe()

v4l2_device_unregister need to be called to put the refcount got by v4l2_device_register when vdec_probe fails or vdec_remove is called.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Analysis

by VulDB Data Team • 05/01/2025

The vulnerability identified as CVE-2022-49887 resides within the Linux kernel's media subsystem, specifically affecting the meson video decoder driver implementation. This issue manifests as a reference count leak in the vdec_probe function, representing a critical resource management flaw that can lead to system instability and potential denial of service conditions. The vulnerability impacts devices utilizing meson hardware video decoding capabilities, particularly those employing the v4l2 (Video4Linux2) framework for media device handling.

The technical flaw occurs when the vdec_probe function successfully registers a v4l2 device using v4l2_device_register but subsequently fails to properly release the reference count through v4l2_device_unregister during error conditions or device removal scenarios. This improper resource management creates a situation where the kernel's reference counting mechanism maintains an inflated count for the v4l2 device structure, preventing proper cleanup and resource deallocation. The reference count leak directly violates fundamental resource management principles and can accumulate over time, leading to memory exhaustion and system performance degradation.

The operational impact of this vulnerability extends beyond simple resource waste, potentially enabling attackers to exploit the reference count leak for denial of service attacks against systems running affected kernel versions. When the v4l2 device registration fails or during device removal operations, the missing v4l2_device_unregister call prevents proper cleanup of the device structure, which can result in memory leaks that compound over time. This vulnerability affects systems using meson hardware video decoding capabilities, particularly those implementing the v4l2 framework for video device management, and can impact multimedia applications, video streaming services, and embedded systems relying on hardware-accelerated video decoding.

Mitigation strategies for CVE-2022-49887 require immediate kernel updates addressing the reference count leak in the meson vdec driver implementation. System administrators should prioritize patching affected kernel versions to ensure proper v4l2_device_unregister calls are executed during both error conditions and normal device removal operations. The fix implements proper resource cleanup by ensuring that every v4l2_device_register call is paired with an appropriate v4l2_device_unregister call, preventing the accumulation of reference counts that could lead to memory exhaustion. This vulnerability aligns with CWE-404, which describes improper resource management, and represents a specific instance of resource leak patterns commonly exploited in kernel-level security incidents. The ATT&CK framework categorizes this vulnerability under privilege escalation and resource exhaustion techniques, as attackers could leverage the reference count leak to consume system resources and potentially achieve persistent access to affected systems through sustained denial of service conditions.

Responsible

Linux

Reservation

05/01/2025

Disclosure

05/01/2025

Moderation

accepted

CPE

ready

EPSS

0.00165

KEV

no

Activities

very low

Sources

Do you know our Splunk app?

Download it now for free!