CVE-2022-50482

5.5 MEDIUM

📋 TL;DR

This CVE describes a memory leak vulnerability in the Linux kernel's Intel VT-d (Virtualization Technology for Directed I/O) subsystem. When the init_dmars() function fails during system initialization, it doesn't properly clean up the si_domain memory allocation, potentially leading to kernel memory exhaustion. This affects systems using Intel VT-d hardware virtualization with affected Linux kernel versions.
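The error-path pattern described above, modeled in user-space C as an added example (not kernel code and not taken from the fix commits). init_dmars and si_domain are the names given on this page; every other name is hypothetical, and a counter stands in for a leak detector.

```c
/* User-space model of the error-path leak; not kernel code.
 * init_dmars and si_domain come from the page, all other names are hypothetical. */
#include <stdio.h>
#include <stdlib.h>

struct domain { int id; };
static struct domain *si_domain;  /* allocated early in init, used afterwards */
static int live_objects;          /* outstanding allocations (stand-in leak detector) */

static struct domain *domain_alloc(void) {
    struct domain *d = calloc(1, sizeof(*d));
    if (d) live_objects++;
    return d;
}
static void domain_free(struct domain *d) {
    if (d) { free(d); live_objects--; }
}
/* A later initialization step; fail != 0 simulates the failure. */
static int later_step(int fail) { return fail ? -1 : 0; }

/* Leaky shape: the failure return leaves si_domain allocated. */
static int init_dmars_leaky(int fail) {
    si_domain = domain_alloc();
    if (!si_domain) return -1;
    if (later_step(fail)) return -1;   /* leak: nothing releases si_domain */
    return 0;
}
/* Fixed shape: the error path releases si_domain and clears the pointer. */
static int init_dmars_fixed(int fail) {
    si_domain = domain_alloc();
    if (!si_domain) return -1;
    if (later_step(fail)) goto err;
    return 0;
err:
    domain_free(si_domain);
    si_domain = NULL;                  /* no dangling pointer for later code */
    return -1;
}
/* Run one failed initialization and report allocations still outstanding. */
static int leaked_after_failure(int (*init)(int)) {
    live_objects = 0;
    si_domain = NULL;
    init(1);
    return live_objects;
}
int main(void) {
    printf("leaky: %d object(s) left\n", leaked_after_failure(init_dmars_leaky));
    printf("fixed: %d object(s) left\n", leaked_after_failure(init_dmars_fixed));
    return 0;
}
```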

💻 Affected Systems

Products:
  • Linux kernel
Versions: Specific affected versions not explicitly stated, but references indicate fixes in stable kernel trees. Likely affects versions before the referenced commits.
Operating Systems: Linux distributions using affected kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects systems with Intel VT-d hardware virtualization enabled and using the affected kernel code paths.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...


⚠️ Risk & Real-World Impact

🔴 Worst Case

Kernel memory exhaustion leading to system instability, crashes, or denial of service conditions that could disrupt virtualization environments and hosted workloads.

🟠 Likely Case

Memory leak causing gradual performance degradation over time, potentially requiring system reboots to clear accumulated memory allocations.

🟢 If Mitigated

Minimal impact as the leak occurs only during initialization failures, which are rare in stable systems.

🌐 Internet-Facing: LOW - This is a kernel-level vulnerability requiring local access or ability to trigger VT-d initialization failures.
🏢 Internal Only: MEDIUM - Could affect virtualization hosts and systems with VT-d enabled, potentially disrupting internal services.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: NO
Unauthenticated Exploit: ✅ No
Complexity: HIGH

Exploitation requires triggering specific VT-d initialization failures, which is complex and requires privileged access or specific hardware conditions.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Multiple stable kernel versions containing commits: 0365d6af75f9f2696e94a0fef24a2c8464c037c8, 5cecfe151874b835331efe086bbdcaeaf64f6b90, 620bf9f981365c18cc2766c53d92bf8131c63f32, 724483b585a1b1e063d42ac5aa835707ff2ec165, 749bea542b67513e99240dc58bbfc099e842d508

Vendor Advisory: https://git.kernel.org/stable/c/

Restart Required: Yes

Instructions:

1. Update Linux kernel to version containing the fix commits.
2. Check distribution-specific security advisories.
3. Reboot system to load patched kernel.

🔧 Temporary Workarounds

Disable Intel VT-d

linux

Disable VT-d hardware virtualization if not required, preventing the vulnerable code path from being executed.

Add 'intel_iommu=off' to kernel boot parameters in /etc/default/grub or bootloader configuration

🧯 If You Can't Patch

  • Monitor system memory usage for unusual growth patterns
  • Implement regular system reboots to clear potential memory accumulation

🔍 How to Verify

Check if Vulnerable:

Check the kernel version and whether VT-d is enabled: 'uname -r' and 'dmesg | grep -i iommu'

Check Version:

uname -r

Verify Fix Applied:

Verify that the kernel version contains the fix commits: 'uname -r' and check distribution patch notes

📡 Detection & Monitoring

Log Indicators:

  • Kernel oops messages
  • Memory allocation failures in dmesg
  • VT-d initialization error messages

Network Indicators:

  • None - this is a local kernel vulnerability

SIEM Query:

Search for kernel panic logs, memory allocation failures, or VT-d related errors in system logs
