CVE-2022-49549
- Source
- https://cve.org/CVERecord?id=CVE-2022-49549
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49549.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2022-49549
- Downstream
- Related
- Published
- 2025-02-26T02:14:00.256Z
- Modified
- 2026-03-10T11:53:55.739979Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- x86/MCE/AMD: Fix memory leak when threshold_create_bank() fails
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
x86/MCE/AMD: Fix memory leak when thresholdcreatebank() fails
In mcethresholdcreatedevice(), if thresholdcreatebank() fails, the previously allocated threshold banks array @bp will be leaked because the call to mcethresholdremovedevice() will not free it.
This happens because mcethresholdremovedevice() fetches the pointer through the thresholdbanks per-CPU variable but bp is written there only after the bank creation is successful, and not before, when thresholdcreatebank() fails.
Add a helper which unwinds all the bank creation work previously done and pass into it the previously allocated threshold banks array for freeing.
[ bp: Massage. ]
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49549.json" }- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/396b8e7ab2a99ddac57d3522b3da5e58cb608d37
- https://git.kernel.org/stable/c/9708f1956eeb70c86943e0bc62fa3b0101b59616
- https://git.kernel.org/stable/c/b4acb8e7f1594607bc9017ef0aacb40b24a003d6
- https://git.kernel.org/stable/c/cc0dd4456f9573bf8af9b4d8754433918e809e1e
- https://git.kernel.org/stable/c/e5f28623ceb103e13fc3d7bd45edf9818b227fd0
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49549.json
- https://nvd.nist.gov/vuln/detail/CVE-2022-49549
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced6458de97fc15530b54477c4e2b70af653e8ac3d9Fixedb4acb8e7f1594607bc9017ef0aacb40b24a003d6Fixedcc0dd4456f9573bf8af9b4d8754433918e809e1eFixed9708f1956eeb70c86943e0bc62fa3b0101b59616Fixed396b8e7ab2a99ddac57d3522b3da5e58cb608d37Fixede5f28623ceb103e13fc3d7bd45edf9818b227fd0
Affected versions
v5.*
v5.10
v5.10-rc1
v5.10-rc2
v5.10-rc3
v5.10-rc4
v5.10-rc5
v5.10-rc6
v5.10-rc7
v5.10.1
v5.10.10
v5.10.100
v5.10.101
v5.10.102
v5.10.103
v5.10.104
v5.10.105
v5.10.106
v5.10.107
v5.10.108
v5.10.109
v5.10.11
v5.10.110
v5.10.111
v5.10.112
v5.10.113
v5.10.114
v5.10.115
v5.10.116
v5.10.117
v5.10.118
v5.10.119
v5.10.12
v5.10.120
v5.10.13
v5.10.14
v5.10.15
v5.10.16
v5.10.17
v5.10.18
v5.10.19
v5.10.2
v5.10.20
v5.10.21
v5.10.22
v5.10.23
v5.10.24
v5.10.25
v5.10.26
v5.10.27
v5.10.28
v5.10.29
v5.10.3
v5.10.30
v5.10.31
v5.10.32
v5.10.33
v5.10.34
v5.10.35
v5.10.36
v5.10.37
v5.10.38
v5.10.39
v5.10.4
v5.10.40
v5.10.41
v5.10.42
v5.10.43
v5.10.44
v5.10.45
v5.10.46
v5.10.47
v5.10.48
v5.10.49
v5.10.5
v5.10.50
v5.10.51
v5.10.52
v5.10.53
v5.10.54
v5.10.55
v5.10.56
v5.10.57
v5.10.58
v5.10.59
v5.10.6
v5.10.60
v5.10.61
v5.10.62
v5.10.63
v5.10.64
v5.10.65
v5.10.66
v5.10.67
v5.10.68
v5.10.69
v5.10.7
v5.10.70
v5.10.71
v5.10.72
v5.10.73
v5.10.74
v5.10.75
v5.10.76
v5.10.77
v5.10.78
v5.10.79
v5.10.8
v5.10.80
v5.10.81
v5.10.82
v5.10.83
v5.10.84
v5.10.85
v5.10.86
v5.10.87
v5.10.88
v5.10.89
v5.10.9
v5.10.90
v5.10.91
v5.10.92
v5.10.93
v5.10.94
v5.10.95
v5.10.96
v5.10.97
v5.10.98
v5.10.99
v5.11
v5.11-rc1
v5.11-rc2
v5.11-rc3
v5.11-rc4
v5.11-rc5
v5.11-rc6
v5.11-rc7
v5.12
v5.12-rc1
v5.12-rc1-dontuse
v5.12-rc2
v5.12-rc3
v5.12-rc4
v5.12-rc5
v5.12-rc6
v5.12-rc7
v5.12-rc8
v5.13
v5.13-rc1
v5.13-rc2
v5.13-rc3
v5.13-rc4
v5.13-rc5
v5.13-rc6
v5.13-rc7
v5.14
v5.14-rc1
v5.14-rc2
v5.14-rc3
v5.14-rc4
v5.14-rc5
v5.14-rc6
v5.14-rc7
v5.15
v5.15-rc1
v5.15-rc2
v5.15-rc3
v5.15-rc4
v5.15-rc5
v5.15-rc6
v5.15-rc7
v5.15.1
v5.15.10
v5.15.11
v5.15.12
v5.15.13
v5.15.14
v5.15.15
v5.15.16
v5.15.17
v5.15.18
v5.15.19
v5.15.2
v5.15.20
v5.15.21
v5.15.22
v5.15.23
v5.15.24
v5.15.25
v5.15.26
v5.15.27
v5.15.28
v5.15.29
v5.15.3
v5.15.30
v5.15.31
v5.15.32
v5.15.33
v5.15.34
v5.15.35
v5.15.36
v5.15.37
v5.15.38
v5.15.39
v5.15.4
v5.15.40
v5.15.41
v5.15.42
v5.15.43
v5.15.44
v5.15.45
v5.15.5
v5.15.6
v5.15.7
v5.15.8
v5.15.9
v5.16
v5.16-rc1
v5.16-rc2
v5.16-rc3
v5.16-rc4
v5.16-rc5
v5.16-rc6
v5.16-rc7
v5.16-rc8
v5.17
v5.17-rc1
v5.17-rc2
v5.17-rc3
v5.17-rc4
v5.17-rc5
v5.17-rc6
v5.17-rc7
v5.17-rc8
v5.17.1
v5.17.10
v5.17.11
v5.17.12
v5.17.13
v5.17.2
v5.17.3
v5.17.4
v5.17.5
v5.17.6
v5.17.7
v5.17.8
v5.17.9
v5.18
v5.18-rc1
v5.18-rc2
v5.18-rc3
v5.18-rc4
v5.18-rc5
v5.18-rc6
v5.18-rc7
v5.18.1
v5.18.2
v5.7
v5.7-rc2
v5.7-rc3
v5.7-rc4
v5.7-rc5
v5.7-rc6
v5.7-rc7
v5.8
v5.8-rc1
v5.8-rc2
v5.8-rc3
v5.8-rc4
v5.8-rc5
v5.8-rc6
v5.8-rc7
v5.9
v5.9-rc1
v5.9-rc2
v5.9-rc3
v5.9-rc4
v5.9-rc5
v5.9-rc6
v5.9-rc7
v5.9-rc8
Database specific
source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49549.json"
vanir_signatures
[
{
"id": "CVE-2022-49549-07edc6be",
"signature_version": "v1",
"target": {
"file": "arch/x86/kernel/cpu/mce/amd.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"98865187850246403594217387134457242572",
"220500634659700670900345318586710686494",
"32396130149229949277459664283369032324",
"129235138131256035279001934137652067374",
"71895436812835490876473009377663664496",
"307754191927717226077314384042422907130",
"164244904082721218879848330700957632265",
"331098942051249851830744378284498887195",
"273326007964054498324616075715160172676",
"229347368821456143251178312906799399619",
"238739231928532082113053900871141745626",
"145586822091903320296059980379640192617",
"242901364224294792752817937710837152601",
"200323716473515582835233269117231101540",
"328069189620479232663549944267544045229",
"32525972324408775302262888955998224502",
"233573369716280333167622442838265028002",
"217703139503395137815656086205449045721",
"54683191847825533208805552969470786093",
"243968537903120855237584826648371962651",
"313930157053015999058878407718174198464",
"282503508093702763332430824091456033615",
"255503118194588309039742331020016560059",
"158572846677813196321988215329322140143",
"247663668690355698474957400885572903695",
"176228870425705424720200444952518699547",
"51656744509040908257010276911845323069",
"196329885499182592979874845197918860724"
]
},
"signature_type": "Line",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e5f28623ceb103e13fc3d7bd45edf9818b227fd0",
"deprecated": false
},
{
"id": "CVE-2022-49549-146a754d",
"signature_version": "v1",
"target": {
"file": "arch/x86/kernel/cpu/mce/amd.c",
"function": "mce_threshold_create_device"
},
"digest": {
"function_hash": "286436873832572405640431805242475339441",
"length": 661.0
},
"signature_type": "Function",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b4acb8e7f1594607bc9017ef0aacb40b24a003d6",
"deprecated": false
},
{
"id": "CVE-2022-49549-299b9e08",
"signature_version": "v1",
"target": {
"file": "arch/x86/kernel/cpu/mce/amd.c",
"function": "mce_threshold_remove_device"
},
"digest": {
"function_hash": "259628308252731732372610212240595543055",
"length": 350.0
},
"signature_type": "Function",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b4acb8e7f1594607bc9017ef0aacb40b24a003d6",
"deprecated": false
},
{
"id": "CVE-2022-49549-441623ac",
"signature_version": "v1",
"target": {
"file": "arch/x86/kernel/cpu/mce/amd.c",
"function": "mce_threshold_remove_device"
},
"digest": {
"function_hash": "259628308252731732372610212240595543055",
"length": 350.0
},
"signature_type": "Function",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@cc0dd4456f9573bf8af9b4d8754433918e809e1e",
"deprecated": false
},
{
"id": "CVE-2022-49549-53139f1e",
"signature_version": "v1",
"target": {
"file": "arch/x86/kernel/cpu/mce/amd.c",
"function": "mce_threshold_create_device"
},
"digest": {
"function_hash": "286436873832572405640431805242475339441",
"length": 661.0
},
"signature_type": "Function",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@9708f1956eeb70c86943e0bc62fa3b0101b59616",
"deprecated": false
},
{
"id": "CVE-2022-49549-67e8c9e7",
"signature_version": "v1",
"target": {
"file": "arch/x86/kernel/cpu/mce/amd.c",
"function": "mce_threshold_create_device"
},
"digest": {
"function_hash": "286436873832572405640431805242475339441",
"length": 661.0
},
"signature_type": "Function",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@396b8e7ab2a99ddac57d3522b3da5e58cb608d37",
"deprecated": false
},
{
"id": "CVE-2022-49549-7551b5f3",
"signature_version": "v1",
"target": {
"file": "arch/x86/kernel/cpu/mce/amd.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"98865187850246403594217387134457242572",
"220500634659700670900345318586710686494",
"32396130149229949277459664283369032324",
"129235138131256035279001934137652067374",
"71895436812835490876473009377663664496",
"307754191927717226077314384042422907130",
"164244904082721218879848330700957632265",
"331098942051249851830744378284498887195",
"273326007964054498324616075715160172676",
"229347368821456143251178312906799399619",
"238739231928532082113053900871141745626",
"145586822091903320296059980379640192617",
"242901364224294792752817937710837152601",
"200323716473515582835233269117231101540",
"328069189620479232663549944267544045229",
"32525972324408775302262888955998224502",
"233573369716280333167622442838265028002",
"217703139503395137815656086205449045721",
"54683191847825533208805552969470786093",
"243968537903120855237584826648371962651",
"313930157053015999058878407718174198464",
"282503508093702763332430824091456033615",
"255503118194588309039742331020016560059",
"158572846677813196321988215329322140143",
"247663668690355698474957400885572903695",
"176228870425705424720200444952518699547",
"51656744509040908257010276911845323069",
"196329885499182592979874845197918860724"
]
},
"signature_type": "Line",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@396b8e7ab2a99ddac57d3522b3da5e58cb608d37",
"deprecated": false
},
{
"id": "CVE-2022-49549-75bb9293",
"signature_version": "v1",
"target": {
"file": "arch/x86/kernel/cpu/mce/amd.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"98865187850246403594217387134457242572",
"220500634659700670900345318586710686494",
"32396130149229949277459664283369032324",
"129235138131256035279001934137652067374",
"71895436812835490876473009377663664496",
"307754191927717226077314384042422907130",
"164244904082721218879848330700957632265",
"331098942051249851830744378284498887195",
"273326007964054498324616075715160172676",
"229347368821456143251178312906799399619",
"238739231928532082113053900871141745626",
"145586822091903320296059980379640192617",
"242901364224294792752817937710837152601",
"200323716473515582835233269117231101540",
"328069189620479232663549944267544045229",
"32525972324408775302262888955998224502",
"233573369716280333167622442838265028002",
"217703139503395137815656086205449045721",
"54683191847825533208805552969470786093",
"243968537903120855237584826648371962651",
"313930157053015999058878407718174198464",
"282503508093702763332430824091456033615",
"255503118194588309039742331020016560059",
"158572846677813196321988215329322140143",
"247663668690355698474957400885572903695",
"176228870425705424720200444952518699547",
"51656744509040908257010276911845323069",
"196329885499182592979874845197918860724"
]
},
"signature_type": "Line",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@cc0dd4456f9573bf8af9b4d8754433918e809e1e",
"deprecated": false
},
{
"id": "CVE-2022-49549-7d1af586",
"signature_version": "v1",
"target": {
"file": "arch/x86/kernel/cpu/mce/amd.c",
"function": "mce_threshold_remove_device"
},
"digest": {
"function_hash": "259628308252731732372610212240595543055",
"length": 350.0
},
"signature_type": "Function",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e5f28623ceb103e13fc3d7bd45edf9818b227fd0",
"deprecated": false
},
{
"id": "CVE-2022-49549-8bdd6877",
"signature_version": "v1",
"target": {
"file": "arch/x86/kernel/cpu/mce/amd.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"98865187850246403594217387134457242572",
"220500634659700670900345318586710686494",
"32396130149229949277459664283369032324",
"129235138131256035279001934137652067374",
"71895436812835490876473009377663664496",
"307754191927717226077314384042422907130",
"164244904082721218879848330700957632265",
"331098942051249851830744378284498887195",
"273326007964054498324616075715160172676",
"229347368821456143251178312906799399619",
"238739231928532082113053900871141745626",
"145586822091903320296059980379640192617",
"242901364224294792752817937710837152601",
"200323716473515582835233269117231101540",
"328069189620479232663549944267544045229",
"32525972324408775302262888955998224502",
"233573369716280333167622442838265028002",
"217703139503395137815656086205449045721",
"54683191847825533208805552969470786093",
"243968537903120855237584826648371962651",
"313930157053015999058878407718174198464",
"282503508093702763332430824091456033615",
"255503118194588309039742331020016560059",
"158572846677813196321988215329322140143",
"247663668690355698474957400885572903695",
"176228870425705424720200444952518699547",
"51656744509040908257010276911845323069",
"196329885499182592979874845197918860724"
]
},
"signature_type": "Line",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b4acb8e7f1594607bc9017ef0aacb40b24a003d6",
"deprecated": false
},
{
"id": "CVE-2022-49549-9f5d987d",
"signature_version": "v1",
"target": {
"file": "arch/x86/kernel/cpu/mce/amd.c",
"function": "mce_threshold_create_device"
},
"digest": {
"function_hash": "286436873832572405640431805242475339441",
"length": 661.0
},
"signature_type": "Function",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@cc0dd4456f9573bf8af9b4d8754433918e809e1e",
"deprecated": false
},
{
"id": "CVE-2022-49549-a272234a",
"signature_version": "v1",
"target": {
"file": "arch/x86/kernel/cpu/mce/amd.c"
},
"digest": {
"threshold": 0.9,
"line_hashes": [
"98865187850246403594217387134457242572",
"220500634659700670900345318586710686494",
"32396130149229949277459664283369032324",
"129235138131256035279001934137652067374",
"71895436812835490876473009377663664496",
"307754191927717226077314384042422907130",
"164244904082721218879848330700957632265",
"331098942051249851830744378284498887195",
"273326007964054498324616075715160172676",
"229347368821456143251178312906799399619",
"238739231928532082113053900871141745626",
"145586822091903320296059980379640192617",
"242901364224294792752817937710837152601",
"200323716473515582835233269117231101540",
"328069189620479232663549944267544045229",
"32525972324408775302262888955998224502",
"233573369716280333167622442838265028002",
"217703139503395137815656086205449045721",
"54683191847825533208805552969470786093",
"243968537903120855237584826648371962651",
"313930157053015999058878407718174198464",
"282503508093702763332430824091456033615",
"255503118194588309039742331020016560059",
"158572846677813196321988215329322140143",
"247663668690355698474957400885572903695",
"176228870425705424720200444952518699547",
"51656744509040908257010276911845323069",
"196329885499182592979874845197918860724"
]
},
"signature_type": "Line",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@9708f1956eeb70c86943e0bc62fa3b0101b59616",
"deprecated": false
},
{
"id": "CVE-2022-49549-bebc8f17",
"signature_version": "v1",
"target": {
"file": "arch/x86/kernel/cpu/mce/amd.c",
"function": "mce_threshold_remove_device"
},
"digest": {
"function_hash": "259628308252731732372610212240595543055",
"length": 350.0
},
"signature_type": "Function",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@396b8e7ab2a99ddac57d3522b3da5e58cb608d37",
"deprecated": false
},
{
"id": "CVE-2022-49549-dd705481",
"signature_version": "v1",
"target": {
"file": "arch/x86/kernel/cpu/mce/amd.c",
"function": "mce_threshold_remove_device"
},
"digest": {
"function_hash": "259628308252731732372610212240595543055",
"length": 350.0
},
"signature_type": "Function",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@9708f1956eeb70c86943e0bc62fa3b0101b59616",
"deprecated": false
},
{
"id": "CVE-2022-49549-ff5cabe7",
"signature_version": "v1",
"target": {
"file": "arch/x86/kernel/cpu/mce/amd.c",
"function": "mce_threshold_create_device"
},
"digest": {
"function_hash": "286436873832572405640431805242475339441",
"length": 661.0
},
"signature_type": "Function",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e5f28623ceb103e13fc3d7bd45edf9818b227fd0",
"deprecated": false
}
]