CVE-2022-50434

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A memory leak issue was identified within the Linux kernel’s block I/O queue management (blk-mq) subsystem. Specifically, the issue occurs during the registration of hardware contexts ('hctx') when the process fails midway. The blk mq register hctx function may add some objects before failing, but lacks a fallback mechanism to properly release these objects, leading to a memory leak. The backtrace indicates the issue is related to memory allocation (kmalloc node trace) and hardware context handling (blk mq alloc and init hctx). The vulnerability is triggered during fault injection testing involving kobject add, blk mq register hctx, blk mq sysfs register, blk register queue, device add disk, and null add dev.part.0.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.