{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2022-49784", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-05-01T14:05:17.223Z", "datePublished": "2025-05-01T14:09:17.695Z", "dateUpdated": "2025-05-04T08:45:17.907Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T08:45:17.907Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/x86/amd/uncore: Fix memory leak for events array\n\nWhen a CPU comes online, the per-CPU NB and LLC uncore contexts are\nfreed but not the events array within the context structure. This\ncauses a memory leak as identified by the kmemleak detector.\n\n [...]\n unreferenced object 0xffff8c5944b8e320 (size 32):\n comm \"swapper/0\", pid 1, jiffies 4294670387 (age 151.072s)\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace:\n [<000000000759fb79>] amd_uncore_cpu_up_prepare+0xaf/0x230\n [<00000000ddc9e126>] cpuhp_invoke_callback+0x2cf/0x470\n [<0000000093e727d4>] cpuhp_issue_call+0x14d/0x170\n [<0000000045464d54>] __cpuhp_setup_state_cpuslocked+0x11e/0x330\n [<0000000069f67cbd>] __cpuhp_setup_state+0x6b/0x110\n [<0000000015365e0f>] amd_uncore_init+0x260/0x321\n [<00000000089152d2>] do_one_initcall+0x3f/0x1f0\n [<000000002d0bd18d>] kernel_init_freeable+0x1ca/0x212\n [<0000000030be8dde>] kernel_init+0x11/0x120\n [<0000000059709e59>] ret_from_fork+0x22/0x30\n unreferenced object 0xffff8c5944b8dd40 (size 64):\n comm \"swapper/0\", pid 1, jiffies 4294670387 (age 151.072s)\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace:\n [<00000000306efe8b>] amd_uncore_cpu_up_prepare+0x183/0x230\n [<00000000ddc9e126>] cpuhp_invoke_callback+0x2cf/0x470\n [<0000000093e727d4>] cpuhp_issue_call+0x14d/0x170\n [<0000000045464d54>] __cpuhp_setup_state_cpuslocked+0x11e/0x330\n [<0000000069f67cbd>] __cpuhp_setup_state+0x6b/0x110\n [<0000000015365e0f>] amd_uncore_init+0x260/0x321\n [<00000000089152d2>] do_one_initcall+0x3f/0x1f0\n [<000000002d0bd18d>] kernel_init_freeable+0x1ca/0x212\n [<0000000030be8dde>] kernel_init+0x11/0x120\n [<0000000059709e59>] ret_from_fork+0x22/0x30\n [...]\n\nFix the problem by freeing the events array before freeing the uncore\ncontext."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["arch/x86/events/amd/uncore.c"], "versions": [{"version": "39621c5808f5dda75d03dc4b2d4d2b13a5a1c34b", "lessThan": "f75be9885d49e3717de962345c4572ddab52b178", "status": "affected", "versionType": "git"}, {"version": "39621c5808f5dda75d03dc4b2d4d2b13a5a1c34b", "lessThan": "bdfe34597139cfcecd47a2eb97fea44d77157491", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["arch/x86/events/amd/uncore.c"], "versions": [{"version": "6.0", "status": "affected"}, {"version": "0", "lessThan": "6.0", "status": "unaffected", "versionType": "semver"}, {"version": "6.0.10", "lessThanOrEqual": "6.0.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.0", "versionEndExcluding": "6.0.10"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.0", "versionEndExcluding": "6.1"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/f75be9885d49e3717de962345c4572ddab52b178"}, {"url": "https://git.kernel.org/stable/c/bdfe34597139cfcecd47a2eb97fea44d77157491"}], "title": "perf/x86/amd/uncore: Fix memory leak for events array", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "74D8840E-7DE8-47C4-AE8E-372F0C6DF7BB", "versionEndExcluding": "6.0.10", "versionStartIncluding": "6.0", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc1:*:*:*:*:*:*", "matchCriteriaId": "E7E331DA-1FB0-4DEC-91AC-7DA69D461C11", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc2:*:*:*:*:*:*", "matchCriteriaId": "17F0B248-42CF-4AE6-A469-BB1BAE7F4705", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc3:*:*:*:*:*:*", "matchCriteriaId": "E2422816-0C14-4B5E-A1E6-A9D776E5C49B", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc4:*:*:*:*:*:*", "matchCriteriaId": "1C6E00FE-5FB9-4D20-A1A1-5A32128F9B76", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.1:rc5:*:*:*:*:*:*", "matchCriteriaId": "35B26BE4-43A6-4A36-A7F6-5B3F572D9186", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/x86/amd/uncore: Fix memory leak for events array\n\nWhen a CPU comes online, the per-CPU NB and LLC uncore contexts are\nfreed but not the events array within the context structure. This\ncauses a memory leak as identified by the kmemleak detector.\n\n [...]\n unreferenced object 0xffff8c5944b8e320 (size 32):\n comm \"swapper/0\", pid 1, jiffies 4294670387 (age 151.072s)\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace:\n [<000000000759fb79>] amd_uncore_cpu_up_prepare+0xaf/0x230\n [<00000000ddc9e126>] cpuhp_invoke_callback+0x2cf/0x470\n [<0000000093e727d4>] cpuhp_issue_call+0x14d/0x170\n [<0000000045464d54>] __cpuhp_setup_state_cpuslocked+0x11e/0x330\n [<0000000069f67cbd>] __cpuhp_setup_state+0x6b/0x110\n [<0000000015365e0f>] amd_uncore_init+0x260/0x321\n [<00000000089152d2>] do_one_initcall+0x3f/0x1f0\n [<000000002d0bd18d>] kernel_init_freeable+0x1ca/0x212\n [<0000000030be8dde>] kernel_init+0x11/0x120\n [<0000000059709e59>] ret_from_fork+0x22/0x30\n unreferenced object 0xffff8c5944b8dd40 (size 64):\n comm \"swapper/0\", pid 1, jiffies 4294670387 (age 151.072s)\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace:\n [<00000000306efe8b>] amd_uncore_cpu_up_prepare+0x183/0x230\n [<00000000ddc9e126>] cpuhp_invoke_callback+0x2cf/0x470\n [<0000000093e727d4>] cpuhp_issue_call+0x14d/0x170\n [<0000000045464d54>] __cpuhp_setup_state_cpuslocked+0x11e/0x330\n [<0000000069f67cbd>] __cpuhp_setup_state+0x6b/0x110\n [<0000000015365e0f>] amd_uncore_init+0x260/0x321\n [<00000000089152d2>] do_one_initcall+0x3f/0x1f0\n [<000000002d0bd18d>] kernel_init_freeable+0x1ca/0x212\n [<0000000030be8dde>] kernel_init+0x11/0x120\n [<0000000059709e59>] ret_from_fork+0x22/0x30\n [...]\n\nFix the problem by freeing the events array before freeing the uncore\ncontext."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: perf/x86/amd/uncore: Se corrige una fuga de memoria en la matriz de eventos. Cuando una CPU se conecta, se liberan los contextos de n\u00facleo \u00fanico (NB) y LLC por CPU, pero no la matriz de eventos dentro de la estructura del contexto. Esto provoca una fuga de memoria, identificada por el detector kmemleak. [...] objeto sin referencia 0xffff8c5944b8e320 (tama\u00f1o 32): comm \"swapper/0\", pid 1, jiffies 4294670387 (edad 151.072s) volcado hexadecimal (primeros 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ backtrace: [&lt;000000000759fb79&gt;] amd_uncore_cpu_up_prepare+0xaf/0x230 [&lt;00000000ddc9e126&gt;] cpuhp_invoke_callback+0x2cf/0x470 [&lt;0000000093e727d4&gt;] cpuhp_issue_call+0x14d/0x170 [&lt;0000000045464d54&gt;] __cpuhp_setup_state_cpuslocked+0x11e/0x330 [&lt;0000000069f67cbd&gt;] __cpuhp_setup_state+0x6b/0x110 [&lt;0000000015365e0f&gt;] amd_uncore_init+0x260/0x321 [&lt;00000000089152d2&gt;] do_one_initcall+0x3f/0x1f0 [&lt;000000002d0bd18d&gt;] kernel_init_freeable+0x1ca/0x212 [&lt;0000000030be8dde&gt;] kernel_init+0x11/0x120 [&lt;0000000059709e59&gt;] ret_from_fork+0x22/0x30 objeto sin referencia 0xffff8c5944b8dd40 (tama\u00f1o 64): comm \"swapper/0\", pid 1, jiffies 4294670387 (edad 151.072s) volcado hexadecimal (primeros 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ seguimiento inverso: [&lt;00000000306efe8b&gt;] preparaci\u00f3n de CPU activada de AMD sin n\u00facleo + 0x183/0x230 [&lt;00000000ddc9e126&gt;] devoluci\u00f3n de llamada de invocaci\u00f3n de CPUHp + 0x2cf/0x470 [&lt;0000000093e727d4&gt;] llamada de emisi\u00f3n de CPUHp + 0x14d/0x170 [&lt;0000000045464d54&gt;] estado de configuraci\u00f3n de CPUHp bloqueado + 0x11e/0x330 [&lt;0000000069f67cbd&gt;] __cpuhp_setup_state+0x6b/0x110 [&lt;0000000015365e0f&gt;] amd_uncore_init+0x260/0x321 [&lt;00000000089152d2&gt;] do_one_initcall+0x3f/0x1f0 [&lt;000000002d0bd18d&gt;] kernel_init_freeable+0x1ca/0x212 [&lt;0000000030be8dde&gt;] kernel_init+0x11/0x120 [&lt;0000000059709e59&gt;] ret_from_fork+0x22/0x30 [...] Solucione el problema liberando la matriz de eventos antes de liberar el contexto uncore."}], "id": "CVE-2022-49784", "lastModified": "2025-11-07T17:49:00.690", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2025-05-01T15:16:01.610", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/bdfe34597139cfcecd47a2eb97fea44d77157491"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/f75be9885d49e3717de962345c4572ddab52b178"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-401"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: perf/x86/amd/uncore: Fix memory leak for events array", "id": "2363496", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2363496"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.0", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "status": "draft"}, "details": ["In the Linux kernel, the following vulnerability has been resolved:\nperf/x86/amd/uncore: Fix memory leak for events array\nWhen a CPU comes online, the per-CPU NB and LLC uncore contexts are\nfreed but not the events array within the context structure. This\ncauses a memory leak as identified by the kmemleak detector.\n[...]\nunreferenced object 0xffff8c5944b8e320 (size 32):\ncomm \"swapper/0\", pid 1, jiffies 4294670387 (age 151.072s)\nhex dump (first 32 bytes):\n00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\nbacktrace:\n[<000000000759fb79>] amd_uncore_cpu_up_prepare+0xaf/0x230\n[<00000000ddc9e126>] cpuhp_invoke_callback+0x2cf/0x470\n[<0000000093e727d4>] cpuhp_issue_call+0x14d/0x170\n[<0000000045464d54>] __cpuhp_setup_state_cpuslocked+0x11e/0x330\n[<0000000069f67cbd>] __cpuhp_setup_state+0x6b/0x110\n[<0000000015365e0f>] amd_uncore_init+0x260/0x321\n[<00000000089152d2>] do_one_initcall+0x3f/0x1f0\n[<000000002d0bd18d>] kernel_init_freeable+0x1ca/0x212\n[<0000000030be8dde>] kernel_init+0x11/0x120\n[<0000000059709e59>] ret_from_fork+0x22/0x30\nunreferenced object 0xffff8c5944b8dd40 (size 64):\ncomm \"swapper/0\", pid 1, jiffies 4294670387 (age 151.072s)\nhex dump (first 32 bytes):\n00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\nbacktrace:\n[<00000000306efe8b>] amd_uncore_cpu_up_prepare+0x183/0x230\n[<00000000ddc9e126>] cpuhp_invoke_callback+0x2cf/0x470\n[<0000000093e727d4>] cpuhp_issue_call+0x14d/0x170\n[<0000000045464d54>] __cpuhp_setup_state_cpuslocked+0x11e/0x330\n[<0000000069f67cbd>] __cpuhp_setup_state+0x6b/0x110\n[<0000000015365e0f>] amd_uncore_init+0x260/0x321\n[<00000000089152d2>] do_one_initcall+0x3f/0x1f0\n[<000000002d0bd18d>] kernel_init_freeable+0x1ca/0x212\n[<0000000030be8dde>] kernel_init+0x11/0x120\n[<0000000059709e59>] ret_from_fork+0x22/0x30\n[...]\nFix the problem by freeing the events array before freeing the uncore\ncontext."], "name": "CVE-2022-49784", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-05-01T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2022-49784\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-49784\nhttps://lore.kernel.org/linux-cve-announce/2025050120-CVE-2022-49784-12c5@gregkh/T"], "threat_severity": "Moderate"}

{"created": "2025-06-24T09:44:14.598915+00:00", "updated": "2025-06-24T09:44:14.598965+00:00", "vendors": ["linux", "linux$PRODUCT$linux_kernel"]}