CVE-2022-50738

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains a memory leak in the vhost-vdpa subsystem related to IOTLB (I/O Translation Lookaside Buffer) management. Prior to commit 3d5698793897, the vhost vdpa iotlb unmap function was not correctly called during device release, leading to a memory leak if the application did not send VHOST IOTLB INVALIDATE or crashed. A partial fix was implemented with commit 037d4305569a, but the leak persisted under certain conditions, as indicated by kmemleak reports. The issue occurs when use va is set to true, such as with VDUSE devices. The fix involves calling vhost vdpa iotlb unmap on the entire range within vhost vdpa remove as before vhost dev cleanup, ensuring a valid v->vdev.mm for vhost vdpa pa unmap. The vhost iotlb reset call is removed as vhost vdpa iotlb unmap handles all entries.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.