CVE-2022-50055
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-06-18

Last updated on: 2025-11-13

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: iavf: Fix adminq error handling iavf_alloc_asq_bufs/iavf_alloc_arq_bufs allocates with dma_alloc_coherent memory for VF mailbox. Free DMA regions for both ASQ and ARQ in case error happens during configuration of ASQ/ARQ registers. Without this change it is possible to see when unloading interface: 74626.583369: dma_debug_device_change: device driver has pending DMA allocations while released from device [count=32] One of leaked entries details: [device address=0x0000000b27ff9000] [size=4096 bytes] [mapped with DMA_BIDIRECTIONAL] [mapped as coherent]
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-06-18
Last Modified
2025-11-13
Generated
2026-05-07
AI Q&A
2025-06-18
EPSS Evaluated
2026-05-05
NVD
CVE-2022-50055
Affected Vendors & Products
Showing 5 associated CPEs
Vendor Product Version / Range
linux linux_kernel From 5.15.160 (inc) to 5.16 (inc)
linux linux_kernel From 5.15.160 (inc) to 5.16 (inc)
linux linux_kernel From 5.15.160 (inc) to 5.16 (inc)
linux linux_kernel From 5.15.160 (inc) to 5.16 (inc)
linux linux_kernel 6.0
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-NVD-CWE-noinfo
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability involves improper error handling in the iavf driver of the Linux kernel. Specifically, when allocating DMA coherent memory for the VF mailbox, if an error occurs during the configuration of ASQ/ARQ registers, the allocated DMA memory is not freed properly. This leads to memory leaks of DMA regions when the network interface is unloaded.


How can this vulnerability impact me? :

The impact of this vulnerability is that it can cause memory leaks in the DMA regions used by the iavf driver. This can lead to resource exhaustion or instability in the system when the network interface is unloaded, potentially affecting system performance or causing unexpected behavior.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by observing error messages related to DMA allocations when unloading the network interface. Specifically, look for messages like: 'dma_debug_device_change: device driver has pending DMA allocations while released from device [count=32]'. You can check the system logs using commands such as 'dmesg | grep dma_debug_device_change' or 'journalctl -k | grep dma_debug_device_change' to identify these errors.


What immediate steps should I take to mitigate this vulnerability?

To mitigate this vulnerability, update the Linux kernel to a version where the iavf driver has the fix for proper adminq error handling and freeing of DMA regions during ASQ/ARQ configuration errors. This prevents DMA memory leaks when unloading the interface. Until then, monitor for the described error messages and avoid unloading the interface unnecessarily.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart