PT-2025-40739 · Linux+3 · Linux Kernel+3

Publicado

2022-11-19

Atualizado

2026-02-05

CVE-2022-50505

CVSS v3.1

5.5

Média

Vetor

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains an issue related to a PCI device reference count leak within the ppr notifier() function in the iommu/amd module. The pci get domain bus and slot() function increments the reference count of a PCI device. To prevent a reference count leak, the caller must decrement this reference count by calling pci dev put() before returning from ppr notifier(). This issue could potentially lead to resource exhaustion or other unexpected behavior.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-911

Identificadores relacionados

BDU:2026-04058

CVE-2022-50505

OESA-2025-2553

RHSA-2023:6583

RHSA-2023_6583

SUSE-SU-2025:4111-1

SUSE-SU-2025:4139-1

SUSE-SU-2025:4149-1

SUSE-SU-2025:4189-1

SUSE-SU-2025:4320-1

Produtos afetados

Amd Iommu

Linux Kernel

Red Hat

Suse

PT-2025-40739 · Linux+3 · Linux Kernel+3

CVE-2022-50505

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 649