CVE-2022-49546

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A memory leak has been identified in the Linux kernel, specifically in the x86/kexec component. The issue arises from the crash prepare elf64 headers() function, where a buffer allocated via vmalloc() to store elf headers is not properly freed when the kdump kernel is reloaded or unloaded. This results in a memory leak. The leak was detected by the kmemleak detector and has been reported by three individuals.

Recommendations To resolve the issue, introduce an x86-specific function arch kimage file post load cleanup() to free the buffer after kexec file loading. Additionally, remove the incorrect elf header buffer freeing code, as it does not make sense to free the buffer in its current location, given that image->elf headers must be NULL before calling the arch-specific kexec file loading function. At the moment, there is no information about a newer version that contains a fix for this vulnerability.