PT-2025-40739 · Linux+3 · Linux Kernel+3

Published

2022-11-19

Updated

2026-02-05

CVE-2022-50505

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains an issue related to a PCI device reference count leak within the ppr notifier() function in the iommu/amd module. The pci get domain bus and slot() function increments the reference count of a PCI device. To prevent a reference count leak, the caller must decrement this reference count by calling pci dev put() before returning from ppr notifier(). This issue could potentially lead to resource exhaustion or other unexpected behavior.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-911

Related Identifiers

BDU:2026-04058

CVE-2022-50505

OESA-2025-2553

RHSA-2023:6583

RHSA-2023_6583

SUSE-SU-2025:4111-1

SUSE-SU-2025:4139-1

SUSE-SU-2025:4149-1

SUSE-SU-2025:4189-1

SUSE-SU-2025:4320-1

Affected Products

Amd Iommu

Linux Kernel

Red Hat

Suse

PT-2025-40739 · Linux+3 · Linux Kernel+3

CVE-2022-50505

Weakness Enumeration

Related Identifiers

Affected Products

References · 649