Memory Leak Issue in Linux Kernel Affecting blk-iolatency Feature
CVE-2022-50550
What is CVE-2022-50550?
A memory leak vulnerability affects the blk-iolatency feature in the Linux kernel, occurring when a gendisk is initialized successfully but the add_disk() function fails. This situation arises, for instance, when a loop device is created with an invalid number of minor device numbers. The iolatency component is initialized correctly during the initialization phase but is not cleaned up during error handling, leading to potential resource exhaustion. To mitigate this issue, an additional call to rq_qos_exit() has been implemented in the blkcg_exit_disk() function, ensuring that resources are freed even in error states. This fix highlights the importance of managing resource allocation efficiently within kernel protocols.
Affected Version(s)
Linux d70675121546c35feaceebf7ed9caed8716640f3 < 2a126e1db5553ce4498290df019866952f858954
Linux d70675121546c35feaceebf7ed9caed8716640f3 < 215f9437dda09531bcb80605298a24219f01cec5
Linux d70675121546c35feaceebf7ed9caed8716640f3 < 813e693023ba10da9e75067780f8378465bf27cc