CVE-2022-50836

Vulnerability

In the Linux kernel's remoteproc subsystem, the qcom_add_sysmon_subdev() function in the sysmon driver contains a memory leak. When of_irq_get_byname() or devm_request_threaded_irq() fails, the allocated memory for the sysmon subdevice is not freed, causing a leak [1][2][3].

Exploitation

An attacker with the ability to trigger a failure in interrupt registration (e.g., by manipulating device tree entries or exhausting IRQ resources) could repeatedly trigger this code path. No special privileges are required beyond the ability to cause the probe to fail, which may be achievable through local access to the device tree or through hotplug events.

Impact

Repeated exploitation leads to kernel memory exhaustion, potentially causing denial of service (system instability or crash). There is no evidence of code execution or privilege escalation from this bug.

Mitigation

The fix adds a kfree() call before returning on error, which has been backported to stable kernels [1][2][3]. Users should apply the latest kernel updates from their distribution.