CVE-2022-50482
Unknown Unknown - Not Provided

BaseFortify

Vulnerability report for CVE-2022-50482, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2025-10-04

Last updated on: 2025-10-06

Assigner: kernel.org

Description

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Clean up si_domain in the init_dmars() error path A splat from kmem_cache_destroy() was seen with a kernel prior to commit ee2653bbe89d ("iommu/vt-d: Remove domain and devinfo mempool") when there was a failure in init_dmars(), because the iommu_domain cache still had objects. While the mempool code is now gone, there still is a leak of the si_domain memory if init_dmars() fails. So clean up si_domain in the init_dmars() error path.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2025-10-04
Last Modified
2025-10-06
Generated
2026-07-06
AI Q&A
2025-10-04
EPSS Evaluated
2026-07-05
NVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
linux linux_kernel From 5.15.160 (inc) to 5.16 (inc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability involves a memory leak in the Linux kernel's iommu/vt-d component. Specifically, if the init_dmars() function fails, the si_domain memory is not properly cleaned up, leading to a leak. This issue was present before a certain commit that removed the domain and devinfo mempool. The problem was that the iommu_domain cache still had objects during failure, causing a splat from kmem_cache_destroy(). The fix ensures that si_domain is cleaned up properly in the error path of init_dmars().

Impact Analysis

The vulnerability can cause a memory leak in the Linux kernel, which may lead to increased memory usage and potentially degrade system stability or performance over time if the init_dmars() function fails. However, no direct information about exploitation or broader impacts is provided.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2022-50482. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart