{"id":"AZL-61715","summary":"CVE-2022-49901 affecting package kernel 5.15.200.1-1","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nblk-mq: Fix kmemleak in blk_mq_init_allocated_queue\n\nThere is a kmemleak caused by modprobe null_blk.ko\n\nunreferenced object 0xffff8881acb1f000 (size 1024):\n  comm \"modprobe\", pid 836, jiffies 4294971190 (age 27.068s)\n  hex dump (first 32 bytes):\n    00 00 00 00 ad 4e ad de ff ff ff ff 00 00 00 00  .....N..........\n    ff ff ff ff ff ff ff ff 00 53 99 9e ff ff ff ff  .........S......\n  backtrace:\n    [\u003c000000004a10c249\u003e] kmalloc_node_trace+0x22/0x60\n    [\u003c00000000648f7950\u003e] blk_mq_alloc_and_init_hctx+0x289/0x350\n    [\u003c00000000af06de0e\u003e] blk_mq_realloc_hw_ctxs+0x2fe/0x3d0\n    [\u003c00000000e00c1872\u003e] blk_mq_init_allocated_queue+0x48c/0x1440\n    [\u003c00000000d16b4e68\u003e] __blk_mq_alloc_disk+0xc8/0x1c0\n    [\u003c00000000d10c98c3\u003e] 0xffffffffc450d69d\n    [\u003c00000000b9299f48\u003e] 0xffffffffc4538392\n    [\u003c0000000061c39ed6\u003e] do_one_initcall+0xd0/0x4f0\n    [\u003c00000000b389383b\u003e] do_init_module+0x1a4/0x680\n    [\u003c0000000087cf3542\u003e] load_module+0x6249/0x7110\n    [\u003c00000000beba61b8\u003e] __do_sys_finit_module+0x140/0x200\n    [\u003c00000000fdcfff51\u003e] do_syscall_64+0x35/0x80\n    [\u003c000000003c0f1f71\u003e] entry_SYSCALL_64_after_hwframe+0x46/0xb0\n\nThat is because q-\u003ema_ops is set to NULL before blk_release_queue is\ncalled.\n\nblk_mq_init_queue_data\n  blk_mq_init_allocated_queue\n    blk_mq_realloc_hw_ctxs\n      for (i = 0; i \u003c set-\u003enr_hw_queues; i++) {\n        old_hctx = xa_load(&q-\u003ehctx_table, i);\n        if (!blk_mq_alloc_and_init_hctx(.., i, ..))\t\t[1]\n          if (!old_hctx)\n\t    break;\n\n      xa_for_each_start(&q-\u003ehctx_table, j, hctx, j)\n        blk_mq_exit_hctx(q, set, hctx, j); \t\t\t[2]\n\n    if (!q-\u003enr_hw_queues)\t\t\t\t\t[3]\n      goto err_hctxs;\n\n  err_exit:\n      q-\u003emq_ops = NULL;\t\t\t  \t\t\t[4]\n\n  blk_put_queue\n    blk_release_queue\n      if (queue_is_mq(q))\t\t\t\t\t[5]\n        blk_mq_release(q);\n\n[1]: blk_mq_alloc_and_init_hctx failed at i != 0.\n[2]: The hctxs allocated by [1] are moved to q-\u003eunused_hctx_list and\nwill be cleaned up in blk_mq_release.\n[3]: q-\u003enr_hw_queues is 0.\n[4]: Set q-\u003emq_ops to NULL.\n[5]: queue_is_mq returns false due to [4]. And blk_mq_release\nwill not be called. The hctxs in q-\u003eunused_hctx_list are leaked.\n\nTo fix it, call blk_release_queue in exception path.","modified":"2026-04-01T05:19:54.840870Z","published":"2025-05-01T15:16:15Z","upstream":["CVE-2022-49901"],"references":[{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-49901"}],"affected":[{"package":{"name":"kernel","ecosystem":"Azure Linux:2","purl":"pkg:rpm/azure-linux/kernel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"last_affected":"5.15.200.1-1"}]}],"database_specific":{"source":"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-61715.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}]}