CVE-2022-49546: 
Linux Kernel vulnerability analysis and mitigation

CVE-2022-49546 addresses a memory leak vulnerability in the Linux kernel's x86/kexec subsystem. The issue specifically affects the handling of ELF header buffers during kernel execution. The vulnerability was discovered when a memory leak was detected by the kmemleak detector, showing an unreferenced object of size 4096 bytes in the kexec process (Kernel Git).

The vulnerability occurs in the crashprepareelf64headers() function where a buffer is allocated via vmalloc() to store ELF headers. The issue arises because this buffer is not properly freed when the kdump kernel is reloaded or unloaded. The bug was identified in the x8664 architecture implementation, specifically in the arch/x86/kernel/machinekexec64.c file. The vulnerability was confirmed through memory leak detection showing an unreferenced object at address 0xffffc900002a9000 (Kernel Git).

The vulnerability results in a memory leak in the Linux kernel's kexec subsystem. While memory leaks don't typically present immediate security risks, they can lead to resource exhaustion over time, potentially affecting system stability and performance, particularly in systems that frequently use the kexec functionality (Kernel Git).

The issue has been resolved by introducing an x86-specific function archkimagefilepostload_cleanup() that properly frees the ELF header buffer. The fix also removes incorrect ELF header buffer freeing code that was previously in place. The patch ensures proper cleanup of allocated resources when the kexec operation is completed (Kernel Git).