SB20250226172 - Memory leak in Linux kernel mm
Published: February 26, 2025 Updated: May 11, 2025
Security Bulletin ID
SB20250226172
Severity
Low
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Local access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Memory leak (CVE-ID: CVE-2022-49052)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the end_swap_bio_write(), end_swap_bio_read() and swap_readpage() functions in mm/page_io.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.
References
- https://git.kernel.org/stable/c/12ba1d38115a101c45d8e0ca3aa1181fd148e57f
- https://git.kernel.org/stable/c/20ed94f8181a25212e7404e44958e234f407624b
- https://git.kernel.org/stable/c/afac4b88699a06c8b9369f9d759a1ec3c254b788
- https://git.kernel.org/stable/c/e914d8f00391520ecc4495dd0ca0124538ab7119
- https://git.kernel.org/stable/c/f098f8b9820fe3f2e41aefc4329dfe8a3859d1c1
- https://git.kernel.org/stable/c/f86d55cf616199404c05f5b0c5c41b17351baa02
- https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.242