CVE-2022-50482
iommu/vt-d: Clean up si_domain in the init_dmars() error path
Description
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Clean up si_domain in the init_dmars() error path A splat from kmem_cache_destroy() was seen with a kernel prior to commit ee2653bbe89d ("iommu/vt-d: Remove domain and devinfo mempool") when there was a failure in init_dmars(), because the iommu_domain cache still had objects. While the mempool code is now gone, there still is a leak of the si_domain memory if init_dmars() fails. So clean up si_domain in the init_dmars() error path.
INFO
Published Date :
Oct. 4, 2025, 4:15 p.m.
Last Modified :
Oct. 6, 2025, 2:56 p.m.
Remotely Exploit :
No
Source :
416baaa9-dc9f-4396-8d5f-8c081fb06d67
Solution
- Update the Linux kernel to the latest version.
- Ensure all patches related to vt-d and iommu are applied.
- Verify memory leak is resolved in init_dmars().
References to Advisories, Solutions, and Tools
Here, you will find a curated list of external links that provide in-depth
information, practical solutions, and valuable tools related to
CVE-2022-50482.
CWE - Common Weakness Enumeration
While CVE identifies
specific instances of vulnerabilities, CWE categorizes the common flaws or
weaknesses that can lead to vulnerabilities. CVE-2022-50482 is
associated with the following CWEs:
Common Attack Pattern Enumeration and Classification (CAPEC)
Common Attack Pattern Enumeration and Classification
(CAPEC)
stores attack patterns, which are descriptions of the common attributes and
approaches employed by adversaries to exploit the CVE-2022-50482
weaknesses.
We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).
Results are limited to the first 15 repositories due to potential performance issues.
The following list is the news that have been mention
CVE-2022-50482 vulnerability anywhere in the article.
The following table lists the changes that have been made to the
CVE-2022-50482 vulnerability over time.
Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.
-
New CVE Received by 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Oct. 04, 2025
Action Type Old Value New Value Added Description In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Clean up si_domain in the init_dmars() error path A splat from kmem_cache_destroy() was seen with a kernel prior to commit ee2653bbe89d ("iommu/vt-d: Remove domain and devinfo mempool") when there was a failure in init_dmars(), because the iommu_domain cache still had objects. While the mempool code is now gone, there still is a leak of the si_domain memory if init_dmars() fails. So clean up si_domain in the init_dmars() error path. Added Reference https://git.kernel.org/stable/c/0365d6af75f9f2696e94a0fef24a2c8464c037c8 Added Reference https://git.kernel.org/stable/c/5cecfe151874b835331efe086bbdcaeaf64f6b90 Added Reference https://git.kernel.org/stable/c/620bf9f981365c18cc2766c53d92bf8131c63f32 Added Reference https://git.kernel.org/stable/c/724483b585a1b1e063d42ac5aa835707ff2ec165 Added Reference https://git.kernel.org/stable/c/749bea542b67513e99240dc58bbfc099e842d508 Added Reference https://git.kernel.org/stable/c/c4ad3ae4c6be9d8b0701761c839771116bca6ea3 Added Reference https://git.kernel.org/stable/c/d74196bb278b8f8af88e16bd595997dfa3d6fdb0