CVE-2022-50263

MEDIUM

Linux Kernel < 6.0.19 - Memory Leak

Title source: rule

Description

In the Linux kernel, the following vulnerability has been resolved: vdpasim: fix memory leak when freeing IOTLBs After commit bda324fd037a ("vdpasim: control virtqueue support"), vdpasim->iommu became an array of IOTLB, so we should clean the mappings of each free one by one instead of just deleting the ranges in the first IOTLB which may leak maps.

References (3)

[Patch] https://git.kernel.org/stable/c/0b7a04a30eef20e6b24926a45c0ce7906ae85bd6

[Patch] https://git.kernel.org/stable/c/16b22e27fba6fd816d0dcb98f42cc71f0836c27e

[Patch] https://git.kernel.org/stable/c/54b210c90d2803a9f1c8fd2f0d08e90172e9a06d

Scores

CVSS v3 5.5

EPSS 0.0001

EPSS Percentile 1.8%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Classification

CWE

CWE-401

Status published

Affected Products (5)

linux/linux_kernel < 6.0.19

linux/linux_kernel

linux/Kernel < 6.0.19linux

linux/Kernel < 6.1.5linux

Timeline

Published Sep 15, 2025

Tracked Since Feb 18, 2026