CVE-2022-49994

MEDIUM

Linux Kernel < 5.15.64 - Memory Leak

Title source: rule

Description

In the Linux kernel, the following vulnerability has been resolved: bootmem: remove the vmemmap pages from kmemleak in put_page_bootmem The vmemmap pages is marked by kmemleak when allocated from memblock. Remove it from kmemleak when freeing the page. Otherwise, when we reuse the page, kmemleak may report such an error and then stop working. kmemleak: Cannot insert 0xffff98fb6eab3d40 into the object search tree (overlaps existing) kmemleak: Kernel memory leak detector disabled kmemleak: Object 0xffff98fb6be00000 (size 335544320): kmemleak: comm "swapper", pid 0, jiffies 4294892296 kmemleak: min_count = 0 kmemleak: count = 0 kmemleak: flags = 0x1 kmemleak: checksum = 0 kmemleak: backtrace:

References (3)

[Patch] https://git.kernel.org/stable/c/16a12ee619e39e8112f61b603255c16b73b6264b

[Patch] https://git.kernel.org/stable/c/9ae15c4ba2be1e5a62503b6d873e84beb5fcbb5a

[Patch] https://git.kernel.org/stable/c/dd0ff4d12dd284c334f7e9b07f8f335af856ac78

Scores

CVSS v3 5.5

EPSS 0.0002

EPSS Percentile 3.7%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Classification

CWE

CWE-401

Status published

Affected Products (5)

linux/linux_kernel < 5.15.64

linux/linux_kernel

linux/Kernel < 5.15.64linux

linux/Kernel < 5.19.6linux

Timeline

Published Jun 18, 2025

Tracked Since Feb 18, 2026