CVE-2022-49906 in Linux
Summary
by MITRE • 05/01/2025
In the Linux kernel, the following vulnerability has been resolved:
ibmvnic: Free rwi on reset success
Free the rwi structure in the event that the last rwi in the list processed successfully. The logic in commit 4f408e1fa6e1 ("ibmvnic: retry reset if there are no other resets") introduces an issue that results in a 32 byte memory leak whenever the last rwi in the list gets processed.
If you want to get the best quality for vulnerability data then you always have to consider VulDB.
Analysis
by VulDB Data Team • 03/15/2026
The vulnerability identified as CVE-2022-49906 represents a memory management flaw within the Linux kernel's IBM Virtual Network Interface Controller driver implementation. This issue specifically affects the ibmvnic subsystem which handles network communication for IBM Power Systems virtual machines. The vulnerability manifests as a memory leak that occurs during the reset operation sequence of the network adapter, creating a persistent resource consumption problem that can degrade system performance over time. The flaw was introduced through a previous code change that attempted to improve reset retry logic but inadvertently created a path where memory allocated for request work items would not be properly released.
The technical root cause of this vulnerability lies in the improper handling of memory allocation and deallocation within the ibmvnic driver's reset processing logic. When the driver processes reset operations, it maintains a list of request work items (rwi) that represent pending network operations. The original implementation correctly freed these structures during normal operation, but the modification introduced in commit 4f408e1fa6e1 created a scenario where the final rwi in the processing list would not be freed when the reset completed successfully. This results in a 32-byte memory leak for each reset operation that reaches this specific processing state, with the leaked memory remaining unrecovered until the driver is unloaded or the system is rebooted.
The operational impact of this vulnerability extends beyond simple memory consumption as it represents a potential denial of service vector that could lead to progressive system resource exhaustion. While the individual memory leak is relatively small at 32 bytes, repeated reset operations in high-traffic network environments could accumulate to significant memory pressure that affects overall system stability. The vulnerability affects systems running Linux kernel versions that include the problematic commit, particularly those utilizing IBM Power Systems with virtual network interfaces. Attackers who can repeatedly trigger reset operations could potentially accelerate memory exhaustion, though the direct exploitation requires specific conditions related to network adapter management and reset triggering.
Mitigation strategies for this vulnerability should focus on applying the appropriate kernel security patches that address the memory leak in the ibmvnic driver. System administrators should prioritize updating their Linux kernel versions to include the fix that properly handles rwi structure deallocation during successful reset completion. The fix involves ensuring that the rwi structures are consistently freed regardless of the reset outcome, maintaining proper memory management throughout the reset processing lifecycle. Organizations should also implement monitoring systems to detect unusual memory consumption patterns that might indicate the presence of this vulnerability, particularly in environments where network reset operations are frequent. This vulnerability aligns with CWE-401, which addresses improper release of memory, and could potentially be leveraged in conjunction with other network-based attacks that target system resource exhaustion as part of broader attack strategies.