5.5

CVE-2022-50482

iommu/vt-d: Clean up si_domain in the init_dmars() error path

In the Linux kernel, the following vulnerability has been resolved:

iommu/vt-d: Clean up si_domain in the init_dmars() error path

A splat from kmem_cache_destroy() was seen with a kernel prior to
commit ee2653bbe89d ("iommu/vt-d: Remove domain and devinfo mempool")
when there was a failure in init_dmars(), because the iommu_domain
cache still had objects. While the mempool code is now gone, there
still is a leak of the si_domain memory if init_dmars() fails. So
clean up si_domain in the init_dmars() error path.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 4.2 < 4.14.298
LinuxLinux Kernel Version >= 4.15 < 4.19.264
LinuxLinux Kernel Version >= 4.20 < 5.4.221
LinuxLinux Kernel Version >= 5.5 < 5.10.152
LinuxLinux Kernel Version >= 5.11 < 5.15.76
LinuxLinux Kernel Version >= 5.16 < 6.0.6
LinuxLinux Kernel Version6.1 Updaterc1
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.15% 0.046
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.5 1.8 3.6
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE-908 Use of Uninitialized Resource

The product uses or accesses a resource that has not been initialized.

https://git.kernel.org/stable/c/749bea542b67513e99240dc58bbfc099e842d508
Patch
https://git.kernel.org/stable/c/5cecfe151874b835331efe086bbdcaeaf64f6b90
Patch
https://git.kernel.org/stable/c/724483b585a1b1e063d42ac5aa835707ff2ec165
Patch
https://git.kernel.org/stable/c/d74196bb278b8f8af88e16bd595997dfa3d6fdb0
Patch
https://git.kernel.org/stable/c/0365d6af75f9f2696e94a0fef24a2c8464c037c8
Patch
https://git.kernel.org/stable/c/c4ad3ae4c6be9d8b0701761c839771116bca6ea3
Patch
https://git.kernel.org/stable/c/620bf9f981365c18cc2766c53d92bf8131c63f32
Patch