CVE-2022-50711

Vulnerability

Analysis

In the Linux kernel's MediaTek Ethernet SoC driver (mtk_eth_soc), a memory leak vulnerability exists in the mtk_probe() function. The root cause is that when mtk_wed_add_hw() is successfully called during probe, the corresponding cleanup function mtk_wed_exit() is not invoked in error paths or during module removal. This omission leads to memory allocated by mtk_wed_add_hw() being leaked [1].

Exploitation and

Impact

An attacker cannot directly trigger this vulnerability from user space; it is a resource leak that occurs during driver initialization or removal. The attack surface is limited to scenarios where the driver is loaded or unloaded, such as system boot or module insertion/removal of the kernel module. No authentication or special privileges are required to trigger the leak, but the impact is primarily a gradual depletion of kernel memory, which could lead to denial of service over time if the driver is repeatedly probed or removed [1].

Mitigation

The fix is included in Linux kernel stable updates. The commit referenced ensures that mtk_wed_exit() is called in all error paths after a successful `mtk_wed_add_hw() call, and also during module removal. Users should update to a kernel version containing this fix [1].