CVE-2022-50836
Memory Leak in Linux remoteproc sysmon Component Fixed
Publication date: 2025-12-30
Last updated on: 2025-12-30
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
What immediate steps should I take to mitigate this vulnerability?
Apply the updated Linux kernel patch that fixes the memory leak in the qcom_add_sysmon_subdev() function by ensuring kfree() is called appropriately when of_irq_get_byname() or devm_request_threaded_irq() fails.
Can you explain this vulnerability to me?
This vulnerability is a memory leak in the Linux kernel's remoteproc subsystem, specifically in the sysmon component's function qcom_add_sysmon_subdev(). When certain functions (of_irq_get_byname() or devm_request_threaded_irq()) fail, the code does not properly free allocated memory, leading to a memory leak. The fix involves adding a kfree() call to release the memory in these failure cases.
How can this vulnerability impact me? :
The memory leak caused by this vulnerability can lead to increased memory usage over time, potentially degrading system performance or causing resource exhaustion on affected Linux systems using the remoteproc sysmon component.