CVE-2022-50482
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-10-04

Last updated on: 2025-10-06

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Clean up si_domain in the init_dmars() error path A splat from kmem_cache_destroy() was seen with a kernel prior to commit ee2653bbe89d ("iommu/vt-d: Remove domain and devinfo mempool") when there was a failure in init_dmars(), because the iommu_domain cache still had objects. While the mempool code is now gone, there still is a leak of the si_domain memory if init_dmars() fails. So clean up si_domain in the init_dmars() error path.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-10-04
Last Modified
2025-10-06
Generated
2026-06-16
AI Q&A
2025-10-04
EPSS Evaluated
2026-06-15
NVD
CVE-2022-50482
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
linux linux_kernel From 5.15.160 (inc) to 5.16 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability involves a memory leak in the Linux kernel's iommu/vt-d component. Specifically, if the init_dmars() function fails, the si_domain memory is not properly cleaned up, leading to a leak. This issue was present before a certain commit that removed the domain and devinfo mempool. The problem was that the iommu_domain cache still had objects during failure, causing a splat from kmem_cache_destroy(). The fix ensures that si_domain is cleaned up properly in the error path of init_dmars().

Impact Analysis

The vulnerability can cause a memory leak in the Linux kernel, which may lead to increased memory usage and potentially degrade system stability or performance over time if the init_dmars() function fails. However, no direct information about exploitation or broader impacts is provided.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2022-50482. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart