CVE-2022-50669

Description

The vulnerability is a memory leak in the ocxl_file_register_afu() function within the Linux kernel's OpenCAPI (OCXL) driver. When device_register() fails, the name allocated by dev_set_name() is not freed, leading to a leak of kernel memory [1][2][3].

Exploitation

Exploitation requires triggering a failure in device_register() during the registration of an AFU (Accelerator Function Unit). An attacker with local access and the ability to manipulate device registration (e.g., via hotplug or certain sysfs operations) could potentially cause repeated failures, leading to gradual memory depletion. No special privileges beyond local access are necessary.

Impact

A successful exploitation can result in kernel memory exhaustion, potentially causing system instability or denial of service (DoS). The leak is small per occurrence, but repeated triggers could exhaust memory resources.

Mitigation

The fix involves calling put_device() in the error path, which triggers kobject_cleanup() to free the device name and the info structure via the info_release() callback. Patches are available in the stable kernel tree (e.g., commits [1], [2], [3]) and have been backported to affected versions. Users should update to the latest stable kernel.