CVE-2022-50631
BaseFortify

Publication date: 2025-12-09

Last updated on: 2025-12-09

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved:

RISC-V: kexec: Fix memory leak of fdt buffer

This is reported by kmemleak detector:

    unreferenced object 0xff60000082864000 (size 9588):
      comm "kexec", pid 146, jiffies 4294900634 (age 64.788s)
      hex dump (first 32 bytes):
        d0 0d fe ed 00 00 12 ed 00 00 00 48 00 00 11 40  ...........H...@
        00 00 00 28 00 00 00 11 00 00 00 02 00 00 00 00  ...(............
      backtrace:
        [<00000000f95b17c4>] kmemleak_alloc+0x34/0x3e
        [<00000000b9ec8e3e>] kmalloc_order+0x9c/0xc4
        [<00000000a95cf02e>] kmalloc_order_trace+0x34/0xb6
        [<00000000f01e68b4>] __kmalloc+0x5c2/0x62a
        [<000000002bd497b2>] kvmalloc_node+0x66/0xd6
        [<00000000906542fa>] of_kexec_alloc_and_setup_fdt+0xa6/0x6ea
        [<00000000e1166bde>] elf_kexec_load+0x206/0x4ec
        [<0000000036548e09>] kexec_image_load_default+0x40/0x4c
        [<0000000079fbe1b4>] sys_kexec_file_load+0x1c4/0x322
        [<0000000040c62c03>] ret_from_syscall+0x0/0x2

In elf_kexec_load(), a buffer is allocated via kvmalloc() to store fdt. While it's not freed back to system when kexec kernel is reloaded or unloaded. Then memory leak is caused.

Fix it by introducing riscv specific function arch_kimage_file_post_load_cleanup(), and freeing the buffer there.

Meta Information
Published: 2025-12-09
Last Modified: 2025-12-09
Generated: 2026-05-07
AI Q&A: 2025-12-09
EPSS Evaluated: 2026-05-05

Affected Vendors & Products
Showing 1 associated CPE
Vendor | Product | Version / Range
linux | linux_kernel | *

CWE ID Description
CWE-UNKNOWN
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability is a memory leak in the Linux kernel's kexec functionality on the RISC-V architecture. In elf_kexec_load(), a buffer is allocated via kvmalloc() to store the flattened device tree (FDT), but it is not freed when the kexec kernel is reloaded or unloaded, so the memory is leaked. The issue was reported by the kmemleak detector and fixed by introducing a RISC-V specific function, arch_kimage_file_post_load_cleanup(), and freeing the buffer there.


How can this vulnerability impact me?

The memory leak caused by this vulnerability can lead to increased memory usage over time when using kexec on RISC-V systems. This could degrade system performance or stability, especially in environments where kexec is used frequently, potentially leading to resource exhaustion.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by using the kmemleak detector in the Linux kernel, which reports unreferenced memory objects related to the kexec process. To detect it, you can enable and check kmemleak reports. For example, you can enable kmemleak by adding 'kmemleak=on' to the kernel boot parameters and then check the kmemleak status and reports via the following commands:

1. Enable kmemleak (if not already enabled): reboot with kernel parameter 'kmemleak=on'
2. Check kmemleak status: cat /sys/kernel/debug/kmemleak
3. Trigger kmemleak scan: echo scan > /sys/kernel/debug/kmemleak
4. Review reported leaks: cat /sys/kernel/debug/kmemleak

Look specifically for entries related to the 'kexec' command and memory allocations as described in the vulnerability report.
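
To narrow step 4 to this specific leak, the following added example (not part of the original page or the kernel project) filters a kmemleak report for objects allocated by "kexec" through of_kexec_alloc_and_setup_fdt() and notes whether the hex dump starts with the flattened device tree magic d0 0d fe ed. The function names kexec_fdt_leaks and sample_report are hypothetical, and the second sample record is constructed.

```shell
# Added example: list kmemleak records that match the leak in this CVE.
# Usage: kexec_fdt_leaks [report-file]   (default: the kmemleak debugfs file)
kexec_fdt_leaks() {
    awk '
    function emit() {
        # Report only objects allocated by kexec through the fdt setup path.
        if (addr != "" && comm == "kexec" && fdt_alloc)
            print addr, size, (magic ? "fdt-magic" : "no-fdt-magic")
    }
    /^unreferenced object / {
        emit()                              # close the previous record
        addr = $3; size = $5; sub(/\):$/, "", size)
        comm = ""; fdt_alloc = 0; magic = 0; in_hex = 0
        next
    }
    /^[ \t]*comm "/    { comm = $2; gsub(/[",]/, "", comm); next }
    /^[ \t]*hex dump / { in_hex = 1; next }
    in_hex {
        # First dump line: a flattened device tree starts with d0 0d fe ed.
        if (($1 $2 $3 $4) == "d00dfeed") magic = 1
        in_hex = 0
    }
    /of_kexec_alloc_and_setup_fdt\+/ { fdt_alloc = 1 }
    END { emit() }
    ' "${1:-/sys/kernel/debug/kmemleak}"
}

# Sample input: first record is the report quoted in the description
# (backtrace shortened); second record is constructed for contrast.
sample_report() {
    cat <<'EOF'
unreferenced object 0xff60000082864000 (size 9588):
  comm "kexec", pid 146, jiffies 4294900634 (age 64.788s)
  hex dump (first 32 bytes):
    d0 0d fe ed 00 00 12 ed 00 00 00 48 00 00 11 40  ...........H...@
    00 00 00 28 00 00 00 11 00 00 00 02 00 00 00 00  ...(............
  backtrace:
    [<000000002bd497b2>] kvmalloc_node+0x66/0xd6
    [<00000000906542fa>] of_kexec_alloc_and_setup_fdt+0xa6/0x6ea
    [<00000000e1166bde>] elf_kexec_load+0x206/0x4ec
unreferenced object 0xff60000081230000 (size 64):
  comm "modprobe", pid 201, jiffies 4294901000 (age 12.000s)
  hex dump (first 32 bytes):
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
  backtrace:
    [<0000000000000001>] example_driver_probe+0x10/0x40
EOF
}
```

Running `sample_report | kexec_fdt_leaks -` prints one line per matching object (address, size, magic flag); with no argument the function reads /sys/kernel/debug/kmemleak, which requires root and a mounted debugfs.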


What immediate steps should I take to mitigate this vulnerability?

To mitigate this vulnerability immediately, update your Linux kernel to a version that includes the fix for the kexec memory leak on RISC-V architectures. The fix involves freeing the allocated fdt buffer during kexec kernel reload or unload by introducing the riscv specific function arch_kimage_file_post_load_cleanup(). Until the update is applied, avoid frequent use of kexec on affected systems to reduce the risk of memory leaks.

