PT-2025-25981 · Linux+4 · Linux Kernel+4

Published

2022-08-12

Updated

2025-07-28

CVE-2022-50055

CVSS v2.0

6.0

Medium

Vector

AV:L/AC:H/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A vulnerability in the Linux kernel has been resolved, related to the iavf driver's adminq error handling. The issue involves the allocation of DMA coherent memory for VF mailbox using dma alloc coherent in iavf alloc asq bufs and iavf alloc arq bufs. Without the fix, DMA regions for ASQ and ARQ are not freed in case of an error during configuration, leading to pending DMA allocations when unloading the interface. This can result in leaked entries, with details including device address, size, and mapping information.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Memory Leak

Improper Resource Release

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-401CWE-404

Related Identifiers

BDU:2026-02580

CESA-2022_7110

CESA-2022_7683

CVE-2022-50055

RHSA-2022:7110

RHSA-2022:7683

RHSA-2022_7110

RHSA-2022_7683

RHSA-2023:2458

RHSA-2023_2458

SUSE-SU-2025:02264-1

SUSE-SU-2025:02321-1

SUSE-SU-2025:02322-1

SUSE-SU-2025:02334-1

SUSE-SU-2025:02537-1

SUSE-SU-2025:2264-1

SUSE-SU-2025_02264-1

SUSE-SU-2025_02334-1

SUSE-SU-2025_02537-1

Affected Products

Astra Linux

Centos

Linux Kernel

Red Hat

Suse

PT-2025-25981 · Linux+4 · Linux Kernel+4

CVE-2022-50055

Weakness Enumeration

Related Identifiers

Affected Products

References · 735