PT-2022-7617 · Linux+4 · Linux Kernel+4

Daniel Jordan

Published

2022-02-14

Updated

2025-09-29

CVE-2022-48904

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to the fix

Description The issue is related to a memory leak in the IOMMU page table, which can be observed when launching VM with pass-through devices. This is due to the current logic updating the I/O page table mode for the domain before calling the logic to free memory used for the page table. The estimated number of potentially affected devices is not specified. There is no information about real-world incidents where this issue was exploited.

Recommendations To resolve the issue, update to a version of the Linux kernel that includes the fix for the I/O page table memory leak. As a temporary workaround, consider disabling the launch of VM with pass-through devices until a patch is available. Restrict access to the vulnerable iommu/amd component to minimize the risk of exploitation.

Exploit

Fix

DoS

Memory Leak

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-401

Related Identifiers

ALSA-2025_16880

BDU:2024-07461

CESA-2022_1988

CVE-2022-48904

OPENSUSE-SU-2024_3190-1

OPENSUSE-SU-2024_3209-1

OPENSUSE-SU-2024_3408-1

OPENSUSE-SU-2024_3483-1

RHSA-2022:1988

RHSA-2022_1988

SUSE-SU-2024:3190-1

SUSE-SU-2024:3209-1

SUSE-SU-2024:3227-1

SUSE-SU-2024:3408-1

SUSE-SU-2024:3483-1

Affected Products

Centos

Linux Kernel

Red Hat

Red Os

Suse

PT-2022-7617 · Linux+4 · Linux Kernel+4

CVE-2022-48904

Weakness Enumeration

Related Identifiers

Affected Products

References · 674