CVE-2022-48724 - Vulnerability Details

Vendors	Products
Linux	Linux Kernel

Link	Providers
https://git.kernel.org/stable/c/336d096b62bdc673e852b6b80d5072d7888ce85d
https://git.kernel.org/stable/c/5c43d46daa0d2928234dd2792ebebc35d29ee2d1
https://git.kernel.org/stable/c/99e675d473eb8cf2deac1376a0f840222fc1adcf
https://git.kernel.org/stable/c/9d9995b0371e4e8c18d4f955479e5d47efe7b2d4
https://git.kernel.org/stable/c/a0c685ba99961b1dd894b2e470e692a539770f6d
https://git.kernel.org/stable/c/a31cb1f0fb6caf46ffe88c41252b6b7a4ee062d9
https://git.kernel.org/stable/c/b62eceb5f8f08815fe3f945fc55bbf997c344ecd
https://lore.kernel.org/linux-cve-announce/2024062057-CVE-2022-48724-6bcd@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2022-48724
https://www.cve.org/CVERecord?id=CVE-2022-48724

Type	Values Removed	Values Added
First Time appeared		Linux Linux linux Kernel
Weaknesses		CWE-401
CPEs		cpe:2.3:o:linux:linux_kernel:::::::: cpe:2.3:o:linux:linux_kernel:5.17:rc1:::::: cpe:2.3:o:linux:linux_kernel:5.17:rc2::::::
Vendors & Products		Linux Linux linux Kernel
Metrics	cvssV3_1 `{'score': 5.1, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:L'}`	cvssV3_1 `{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}`

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Show plain JSON

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2022-48724", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-06-20T11:09:39.051Z", "datePublished": "2024-06-20T11:13:14.644Z", "dateUpdated": "2025-05-04T12:43:37.798Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T12:43:37.798Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/vt-d: Fix potential memory leak in intel_setup_irq_remapping()\n\nAfter commit e3beca48a45b (\"irqdomain/treewide: Keep firmware node\nunconditionally allocated\"). For tear down scenario, fn is only freed\nafter fail to allocate ir_domain, though it also should be freed in case\ndmar_enable_qi returns error.\n\nBesides free fn, irq_domain and ir_msi_domain need to be removed as well\nif intel_setup_irq_remapping fails to enable queued invalidation.\n\nImprove the rewinding path by add out_free_ir_domain and out_free_fwnode\nlables per Baolu's suggestion."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/iommu/intel/irq_remapping.c"], "versions": [{"version": "03992c88d71ba79d956f2ed54e370e630b8750f4", "lessThan": "a0c685ba99961b1dd894b2e470e692a539770f6d", "status": "affected", "versionType": "git"}, {"version": "c0c489e5430530a7021f4c889cd5931597e4b200", "lessThan": "a31cb1f0fb6caf46ffe88c41252b6b7a4ee062d9", "status": "affected", "versionType": "git"}, {"version": "36f7355545725c5e9400520ae33e6ee16cf78c0e", "lessThan": "5c43d46daa0d2928234dd2792ebebc35d29ee2d1", "status": "affected", "versionType": "git"}, {"version": "e3beca48a45b5e0e6e6a4e0124276b8248dcc9bb", "lessThan": "9d9995b0371e4e8c18d4f955479e5d47efe7b2d4", "status": "affected", "versionType": "git"}, {"version": "e3beca48a45b5e0e6e6a4e0124276b8248dcc9bb", "lessThan": "336d096b62bdc673e852b6b80d5072d7888ce85d", "status": "affected", "versionType": "git"}, {"version": "e3beca48a45b5e0e6e6a4e0124276b8248dcc9bb", "lessThan": "b62eceb5f8f08815fe3f945fc55bbf997c344ecd", "status": "affected", "versionType": "git"}, {"version": "e3beca48a45b5e0e6e6a4e0124276b8248dcc9bb", "lessThan": "99e675d473eb8cf2deac1376a0f840222fc1adcf", "status": "affected", "versionType": "git"}, {"version": "b4198ecddb87cd955aa9e024dd656af5ceaf6196", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/iommu/intel/irq_remapping.c"], "versions": [{"version": "5.8", "status": "affected"}, {"version": "0", "lessThan": "5.8", "status": "unaffected", "versionType": "semver"}, {"version": "4.14.265", "lessThanOrEqual": "4.14.*", "status": "unaffected", "versionType": "semver"}, {"version": "4.19.228", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.4.178", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.99", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.22", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.16.8", "lessThanOrEqual": "5.16.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.17", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.14.190", "versionEndExcluding": "4.14.265"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "4.19.135", "versionEndExcluding": "4.19.228"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.4.54", "versionEndExcluding": "5.4.178"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.8", "versionEndExcluding": "5.10.99"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.8", "versionEndExcluding": "5.15.22"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.8", "versionEndExcluding": "5.16.8"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.8", "versionEndExcluding": "5.17"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.7.11"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/a0c685ba99961b1dd894b2e470e692a539770f6d"}, {"url": "https://git.kernel.org/stable/c/a31cb1f0fb6caf46ffe88c41252b6b7a4ee062d9"}, {"url": "https://git.kernel.org/stable/c/5c43d46daa0d2928234dd2792ebebc35d29ee2d1"}, {"url": "https://git.kernel.org/stable/c/9d9995b0371e4e8c18d4f955479e5d47efe7b2d4"}, {"url": "https://git.kernel.org/stable/c/336d096b62bdc673e852b6b80d5072d7888ce85d"}, {"url": "https://git.kernel.org/stable/c/b62eceb5f8f08815fe3f945fc55bbf997c344ecd"}, {"url": "https://git.kernel.org/stable/c/99e675d473eb8cf2deac1376a0f840222fc1adcf"}], "title": "iommu/vt-d: Fix potential memory leak in intel_setup_irq_remapping()", "x_generator": {"engine": "bippy-1.2.0"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T15:24:59.995Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/a0c685ba99961b1dd894b2e470e692a539770f6d", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/a31cb1f0fb6caf46ffe88c41252b6b7a4ee062d9", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/5c43d46daa0d2928234dd2792ebebc35d29ee2d1", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/9d9995b0371e4e8c18d4f955479e5d47efe7b2d4", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/336d096b62bdc673e852b6b80d5072d7888ce85d", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/b62eceb5f8f08815fe3f945fc55bbf997c344ecd", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/99e675d473eb8cf2deac1376a0f840222fc1adcf", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2022-48724", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T17:11:09.906830Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T17:34:49.407Z"}}]}}

{

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

cveMetadata : { »

cveId : CVE-2022-48724 (string)

assignerOrgId : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

state : PUBLISHED (string)

assignerShortName : Linux (string)

dateReserved : 2024-06-20T11:09:39.051Z (string)

datePublished : 2024-06-20T11:13:14.644Z (string)

dateUpdated : 2025-05-04T12:43:37.798Z (string)

}

containers : { »

cna : { »

providerMetadata : { »

orgId : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

shortName : Linux (string)

dateUpdated : 2025-05-04T12:43:37.798Z (string)

}

descriptions : [ »

0 : { »

lang : en (string)

value : In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix potential memory leak in intel_setup_irq_remapping() After commit e3beca48a45b ("irqdomain/treewide: Keep firmware node unconditionally allocated"). For tear down scenario, fn is only freed after fail to allocate ir_domain, though it also should be freed in case dmar_enable_qi returns error. Besides free fn, irq_domain and ir_msi_domain need to be removed as well if intel_setup_irq_remapping fails to enable queued invalidation. Improve the rewinding path by add out_free_ir_domain and out_free_fwnode lables per Baolu's suggestion. (string)

}

]

affected : [ »

0 : { »

product : Linux (string)

vendor : Linux (string)

defaultStatus : unaffected (string)

repo : https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git (string)

programFiles : [ »

0 : drivers/iommu/intel/irq_remapping.c (string)

]

versions : [ »

0 : { »

version : 03992c88d71ba79d956f2ed54e370e630b8750f4 (string)

lessThan : a0c685ba99961b1dd894b2e470e692a539770f6d (string)

status : affected (string)

versionType : git (string)

}

1 : { »

version : c0c489e5430530a7021f4c889cd5931597e4b200 (string)

lessThan : a31cb1f0fb6caf46ffe88c41252b6b7a4ee062d9 (string)

status : affected (string)

versionType : git (string)

}

2 : { »

version : 36f7355545725c5e9400520ae33e6ee16cf78c0e (string)

lessThan : 5c43d46daa0d2928234dd2792ebebc35d29ee2d1 (string)

status : affected (string)

versionType : git (string)

}

3 : { »

version : e3beca48a45b5e0e6e6a4e0124276b8248dcc9bb (string)

lessThan : 9d9995b0371e4e8c18d4f955479e5d47efe7b2d4 (string)

status : affected (string)

versionType : git (string)

}

4 : { »

version : e3beca48a45b5e0e6e6a4e0124276b8248dcc9bb (string)

lessThan : 336d096b62bdc673e852b6b80d5072d7888ce85d (string)

status : affected (string)

versionType : git (string)

}

5 : { »

version : e3beca48a45b5e0e6e6a4e0124276b8248dcc9bb (string)

lessThan : b62eceb5f8f08815fe3f945fc55bbf997c344ecd (string)

status : affected (string)

versionType : git (string)

}

6 : { »

version : e3beca48a45b5e0e6e6a4e0124276b8248dcc9bb (string)

lessThan : 99e675d473eb8cf2deac1376a0f840222fc1adcf (string)

status : affected (string)

versionType : git (string)

}

7 : { »

version : b4198ecddb87cd955aa9e024dd656af5ceaf6196 (string)

status : affected (string)

versionType : git (string)

}

]

}

1 : { »

product : Linux (string)

vendor : Linux (string)

defaultStatus : affected (string)

repo : https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git (string)

programFiles : [ »

0 : drivers/iommu/intel/irq_remapping.c (string)

]

versions : [ »

0 : { »

version : 5.8 (string)

status : affected (string)

}

1 : { »

version : 0 (string)

lessThan : 5.8 (string)

status : unaffected (string)

versionType : semver (string)

}

2 : { »

version : 4.14.265 (string)

lessThanOrEqual : 4.14.* (string)

status : unaffected (string)

versionType : semver (string)

}

3 : { »

version : 4.19.228 (string)

lessThanOrEqual : 4.19.* (string)

status : unaffected (string)

versionType : semver (string)

}

4 : { »

version : 5.4.178 (string)

lessThanOrEqual : 5.4.* (string)

status : unaffected (string)

versionType : semver (string)

}

5 : { »

version : 5.10.99 (string)

lessThanOrEqual : 5.10.* (string)

status : unaffected (string)

versionType : semver (string)

}

6 : { »

version : 5.15.22 (string)

lessThanOrEqual : 5.15.* (string)

status : unaffected (string)

versionType : semver (string)

}

7 : { »

version : 5.16.8 (string)

lessThanOrEqual : 5.16.* (string)

status : unaffected (string)

versionType : semver (string)

}

8 : { »

version : 5.17 (string)

lessThanOrEqual : * (string)

status : unaffected (string)

versionType : original_commit_for_fix (string)

}

]

}

]

cpeApplicability : [ »

0 : { »

nodes : [ »

0 : { »

operator : OR (string)

negate : false (boolean)

cpeMatch : [ »

0 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 4.14.190 (string)

versionEndExcluding : 4.14.265 (string)

}

1 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 4.19.135 (string)

versionEndExcluding : 4.19.228 (string)

}

2 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 5.4.54 (string)

versionEndExcluding : 5.4.178 (string)

}

3 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 5.8 (string)

versionEndExcluding : 5.10.99 (string)

}

4 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 5.8 (string)

versionEndExcluding : 5.15.22 (string)

}

5 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 5.8 (string)

versionEndExcluding : 5.16.8 (string)

}

6 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 5.8 (string)

versionEndExcluding : 5.17 (string)

}

7 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 5.7.11 (string)

}

]

}

]

}

]

references : [ »

0 : { »

url : https://git.kernel.org/stable/c/a0c685ba99961b1dd894b2e470e692a539770f6d (string)

}

1 : { »

url : https://git.kernel.org/stable/c/a31cb1f0fb6caf46ffe88c41252b6b7a4ee062d9 (string)

}

2 : { »

url : https://git.kernel.org/stable/c/5c43d46daa0d2928234dd2792ebebc35d29ee2d1 (string)

}

3 : { »

url : https://git.kernel.org/stable/c/9d9995b0371e4e8c18d4f955479e5d47efe7b2d4 (string)

}

4 : { »

url : https://git.kernel.org/stable/c/336d096b62bdc673e852b6b80d5072d7888ce85d (string)

}

5 : { »

url : https://git.kernel.org/stable/c/b62eceb5f8f08815fe3f945fc55bbf997c344ecd (string)

}

6 : { »

url : https://git.kernel.org/stable/c/99e675d473eb8cf2deac1376a0f840222fc1adcf (string)

}

]

title : iommu/vt-d: Fix potential memory leak in intel_setup_irq_remapping() (string)

x_generator : { »

engine : bippy-1.2.0 (string)

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-03T15:24:59.995Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

url : https://git.kernel.org/stable/c/a0c685ba99961b1dd894b2e470e692a539770f6d (string)

tags : [ »

0 : x_transferred (string)

]

}

1 : { »

url : https://git.kernel.org/stable/c/a31cb1f0fb6caf46ffe88c41252b6b7a4ee062d9 (string)

tags : [ »

0 : x_transferred (string)

]

}

2 : { »

url : https://git.kernel.org/stable/c/5c43d46daa0d2928234dd2792ebebc35d29ee2d1 (string)

tags : [ »

0 : x_transferred (string)

]

}

3 : { »

url : https://git.kernel.org/stable/c/9d9995b0371e4e8c18d4f955479e5d47efe7b2d4 (string)

tags : [ »

0 : x_transferred (string)

]

}

4 : { »

url : https://git.kernel.org/stable/c/336d096b62bdc673e852b6b80d5072d7888ce85d (string)

tags : [ »

0 : x_transferred (string)

]

}

5 : { »

url : https://git.kernel.org/stable/c/b62eceb5f8f08815fe3f945fc55bbf997c344ecd (string)

tags : [ »

0 : x_transferred (string)

]

}

6 : { »

url : https://git.kernel.org/stable/c/99e675d473eb8cf2deac1376a0f840222fc1adcf (string)

tags : [ »

0 : x_transferred (string)

]

}

]

}

1 : { »

metrics : [ »

0 : { »

other : { »

type : ssvc (string)

content : { »

id : CVE-2022-48724 (string)

role : CISA Coordinator (string)

options : [ »

0 : { »

Exploitation : none (string)

}

1 : { »

Automatable : no (string)

}

2 : { »

Technical Impact : partial (string)

}

]

version : 2.0.3 (string)

timestamp : 2024-09-10T17:11:09.906830Z (string)

}

]

title : CISA ADP Vulnrichment (string)

providerMetadata : { »

orgId : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

shortName : CISA-ADP (string)

dateUpdated : 2024-09-11T17:34:49.407Z (string)

}

]

}

Show plain JSON

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/a0c685ba99961b1dd894b2e470e692a539770f6d", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/a31cb1f0fb6caf46ffe88c41252b6b7a4ee062d9", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/5c43d46daa0d2928234dd2792ebebc35d29ee2d1", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/9d9995b0371e4e8c18d4f955479e5d47efe7b2d4", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/336d096b62bdc673e852b6b80d5072d7888ce85d", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/b62eceb5f8f08815fe3f945fc55bbf997c344ecd", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/99e675d473eb8cf2deac1376a0f840222fc1adcf", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T15:24:59.995Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2022-48724", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T17:11:09.906830Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T12:42:26.163Z"}}], "cna": {"title": "iommu/vt-d: Fix potential memory leak in intel_setup_irq_remapping()", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "03992c88d71ba79d956f2ed54e370e630b8750f4", "lessThan": "a0c685ba99961b1dd894b2e470e692a539770f6d", "versionType": "git"}, {"status": "affected", "version": "c0c489e5430530a7021f4c889cd5931597e4b200", "lessThan": "a31cb1f0fb6caf46ffe88c41252b6b7a4ee062d9", "versionType": "git"}, {"status": "affected", "version": "36f7355545725c5e9400520ae33e6ee16cf78c0e", "lessThan": "5c43d46daa0d2928234dd2792ebebc35d29ee2d1", "versionType": "git"}, {"status": "affected", "version": "e3beca48a45b5e0e6e6a4e0124276b8248dcc9bb", "lessThan": "9d9995b0371e4e8c18d4f955479e5d47efe7b2d4", "versionType": "git"}, {"status": "affected", "version": "e3beca48a45b5e0e6e6a4e0124276b8248dcc9bb", "lessThan": "336d096b62bdc673e852b6b80d5072d7888ce85d", "versionType": "git"}, {"status": "affected", "version": "e3beca48a45b5e0e6e6a4e0124276b8248dcc9bb", "lessThan": "b62eceb5f8f08815fe3f945fc55bbf997c344ecd", "versionType": "git"}, {"status": "affected", "version": "e3beca48a45b5e0e6e6a4e0124276b8248dcc9bb", "lessThan": "99e675d473eb8cf2deac1376a0f840222fc1adcf", "versionType": "git"}, {"status": "affected", "version": "b4198ecddb87cd955aa9e024dd656af5ceaf6196", "versionType": "git"}], "programFiles": ["drivers/iommu/intel/irq_remapping.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "5.8"}, {"status": "unaffected", "version": "0", "lessThan": "5.8", "versionType": "semver"}, {"status": "unaffected", "version": "4.14.265", "versionType": "semver", "lessThanOrEqual": "4.14.*"}, {"status": "unaffected", "version": "4.19.228", "versionType": "semver", "lessThanOrEqual": "4.19.*"}, {"status": "unaffected", "version": "5.4.178", "versionType": "semver", "lessThanOrEqual": "5.4.*"}, {"status": "unaffected", "version": "5.10.99", "versionType": "semver", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.15.22", "versionType": "semver", "lessThanOrEqual": "5.15.*"}, {"status": "unaffected", "version": "5.16.8", "versionType": "semver", "lessThanOrEqual": "5.16.*"}, {"status": "unaffected", "version": "5.17", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["drivers/iommu/intel/irq_remapping.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/a0c685ba99961b1dd894b2e470e692a539770f6d"}, {"url": "https://git.kernel.org/stable/c/a31cb1f0fb6caf46ffe88c41252b6b7a4ee062d9"}, {"url": "https://git.kernel.org/stable/c/5c43d46daa0d2928234dd2792ebebc35d29ee2d1"}, {"url": "https://git.kernel.org/stable/c/9d9995b0371e4e8c18d4f955479e5d47efe7b2d4"}, {"url": "https://git.kernel.org/stable/c/336d096b62bdc673e852b6b80d5072d7888ce85d"}, {"url": "https://git.kernel.org/stable/c/b62eceb5f8f08815fe3f945fc55bbf997c344ecd"}, {"url": "https://git.kernel.org/stable/c/99e675d473eb8cf2deac1376a0f840222fc1adcf"}], "x_generator": {"engine": "bippy-1.2.0"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/vt-d: Fix potential memory leak in intel_setup_irq_remapping()\n\nAfter commit e3beca48a45b (\"irqdomain/treewide: Keep firmware node\nunconditionally allocated\"). For tear down scenario, fn is only freed\nafter fail to allocate ir_domain, though it also should be freed in case\ndmar_enable_qi returns error.\n\nBesides free fn, irq_domain and ir_msi_domain need to be removed as well\nif intel_setup_irq_remapping fails to enable queued invalidation.\n\nImprove the rewinding path by add out_free_ir_domain and out_free_fwnode\nlables per Baolu's suggestion."}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "4.14.265", "versionStartIncluding": "4.14.190"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "4.19.228", "versionStartIncluding": "4.19.135"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.4.178", "versionStartIncluding": "5.4.54"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.10.99", "versionStartIncluding": "5.8"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.15.22", "versionStartIncluding": "5.8"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.16.8", "versionStartIncluding": "5.8"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.17", "versionStartIncluding": "5.8"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionStartIncluding": "5.7.11"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T12:43:37.798Z"}}}, "cveMetadata": {"cveId": "CVE-2022-48724", "state": "PUBLISHED", "dateUpdated": "2025-05-04T12:43:37.798Z", "dateReserved": "2024-06-20T11:09:39.051Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-06-20T11:13:14.644Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{

dataType : CVE_RECORD (string)

containers : { »

adp : [ »

0 : { »

title : CVE Program Container (string)

references : [ »

0 : { »

url : https://git.kernel.org/stable/c/a0c685ba99961b1dd894b2e470e692a539770f6d (string)

tags : [ »

0 : x_transferred (string)

]

}

1 : { »

url : https://git.kernel.org/stable/c/a31cb1f0fb6caf46ffe88c41252b6b7a4ee062d9 (string)

tags : [ »

0 : x_transferred (string)

]

}

2 : { »

url : https://git.kernel.org/stable/c/5c43d46daa0d2928234dd2792ebebc35d29ee2d1 (string)

tags : [ »

0 : x_transferred (string)

]

}

3 : { »

url : https://git.kernel.org/stable/c/9d9995b0371e4e8c18d4f955479e5d47efe7b2d4 (string)

tags : [ »

0 : x_transferred (string)

]

}

4 : { »

url : https://git.kernel.org/stable/c/336d096b62bdc673e852b6b80d5072d7888ce85d (string)

tags : [ »

0 : x_transferred (string)

]

}

5 : { »

url : https://git.kernel.org/stable/c/b62eceb5f8f08815fe3f945fc55bbf997c344ecd (string)

tags : [ »

0 : x_transferred (string)

]

}

6 : { »

url : https://git.kernel.org/stable/c/99e675d473eb8cf2deac1376a0f840222fc1adcf (string)

tags : [ »

0 : x_transferred (string)

]

}

]

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-03T15:24:59.995Z (string)

}

1 : { »

title : CISA ADP Vulnrichment (string)

metrics : [ »

0 : { »

other : { »

type : ssvc (string)

content : { »

id : CVE-2022-48724 (string)

role : CISA Coordinator (string)

options : [ »

0 : { »

Exploitation : none (string)

}

1 : { »

Automatable : no (string)

}

2 : { »

Technical Impact : partial (string)

}

]

version : 2.0.3 (string)

timestamp : 2024-09-10T17:11:09.906830Z (string)

}

]

providerMetadata : { »

orgId : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

shortName : CISA-ADP (string)

dateUpdated : 2024-09-11T12:42:26.163Z (string)

}

]

cna : { »

title : iommu/vt-d: Fix potential memory leak in intel_setup_irq_remapping() (string)

affected : [ »

0 : { »

repo : https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git (string)

vendor : Linux (string)

product : Linux (string)

versions : [ »

0 : { »

status : affected (string)

version : 03992c88d71ba79d956f2ed54e370e630b8750f4 (string)

lessThan : a0c685ba99961b1dd894b2e470e692a539770f6d (string)

versionType : git (string)

}

1 : { »

status : affected (string)

version : c0c489e5430530a7021f4c889cd5931597e4b200 (string)

lessThan : a31cb1f0fb6caf46ffe88c41252b6b7a4ee062d9 (string)

versionType : git (string)

}

2 : { »

status : affected (string)

version : 36f7355545725c5e9400520ae33e6ee16cf78c0e (string)

lessThan : 5c43d46daa0d2928234dd2792ebebc35d29ee2d1 (string)

versionType : git (string)

}

3 : { »

status : affected (string)

version : e3beca48a45b5e0e6e6a4e0124276b8248dcc9bb (string)

lessThan : 9d9995b0371e4e8c18d4f955479e5d47efe7b2d4 (string)

versionType : git (string)

}

4 : { »

status : affected (string)

version : e3beca48a45b5e0e6e6a4e0124276b8248dcc9bb (string)

lessThan : 336d096b62bdc673e852b6b80d5072d7888ce85d (string)

versionType : git (string)

}

5 : { »

status : affected (string)

version : e3beca48a45b5e0e6e6a4e0124276b8248dcc9bb (string)

lessThan : b62eceb5f8f08815fe3f945fc55bbf997c344ecd (string)

versionType : git (string)

}

6 : { »

status : affected (string)

version : e3beca48a45b5e0e6e6a4e0124276b8248dcc9bb (string)

lessThan : 99e675d473eb8cf2deac1376a0f840222fc1adcf (string)

versionType : git (string)

}

7 : { »

status : affected (string)

version : b4198ecddb87cd955aa9e024dd656af5ceaf6196 (string)

versionType : git (string)

}

]

programFiles : [ »

0 : drivers/iommu/intel/irq_remapping.c (string)

]

defaultStatus : unaffected (string)

}

1 : { »

repo : https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git (string)

vendor : Linux (string)

product : Linux (string)

versions : [ »

0 : { »

status : affected (string)

version : 5.8 (string)

}

1 : { »

status : unaffected (string)

version : 0 (string)

lessThan : 5.8 (string)

versionType : semver (string)

}

2 : { »

status : unaffected (string)

version : 4.14.265 (string)

versionType : semver (string)

lessThanOrEqual : 4.14.* (string)

}

3 : { »

status : unaffected (string)

version : 4.19.228 (string)

versionType : semver (string)

lessThanOrEqual : 4.19.* (string)

}

4 : { »

status : unaffected (string)

version : 5.4.178 (string)

versionType : semver (string)

lessThanOrEqual : 5.4.* (string)

}

5 : { »

status : unaffected (string)

version : 5.10.99 (string)

versionType : semver (string)

lessThanOrEqual : 5.10.* (string)

}

6 : { »

status : unaffected (string)

version : 5.15.22 (string)

versionType : semver (string)

lessThanOrEqual : 5.15.* (string)

}

7 : { »

status : unaffected (string)

version : 5.16.8 (string)

versionType : semver (string)

lessThanOrEqual : 5.16.* (string)

}

8 : { »

status : unaffected (string)

version : 5.17 (string)

versionType : original_commit_for_fix (string)

lessThanOrEqual : * (string)

}

]

programFiles : [ »

0 : drivers/iommu/intel/irq_remapping.c (string)

]

defaultStatus : affected (string)

}

]

references : [ »

0 : { »

url : https://git.kernel.org/stable/c/a0c685ba99961b1dd894b2e470e692a539770f6d (string)

}

1 : { »

url : https://git.kernel.org/stable/c/a31cb1f0fb6caf46ffe88c41252b6b7a4ee062d9 (string)

}

2 : { »

url : https://git.kernel.org/stable/c/5c43d46daa0d2928234dd2792ebebc35d29ee2d1 (string)

}

3 : { »

url : https://git.kernel.org/stable/c/9d9995b0371e4e8c18d4f955479e5d47efe7b2d4 (string)

}

4 : { »

url : https://git.kernel.org/stable/c/336d096b62bdc673e852b6b80d5072d7888ce85d (string)

}

5 : { »

url : https://git.kernel.org/stable/c/b62eceb5f8f08815fe3f945fc55bbf997c344ecd (string)

}

6 : { »

url : https://git.kernel.org/stable/c/99e675d473eb8cf2deac1376a0f840222fc1adcf (string)

}

]

x_generator : { »

engine : bippy-1.2.0 (string)

}

descriptions : [ »

0 : { »

lang : en (string)

value : In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix potential memory leak in intel_setup_irq_remapping() After commit e3beca48a45b ("irqdomain/treewide: Keep firmware node unconditionally allocated"). For tear down scenario, fn is only freed after fail to allocate ir_domain, though it also should be freed in case dmar_enable_qi returns error. Besides free fn, irq_domain and ir_msi_domain need to be removed as well if intel_setup_irq_remapping fails to enable queued invalidation. Improve the rewinding path by add out_free_ir_domain and out_free_fwnode lables per Baolu's suggestion. (string)

}

]

cpeApplicability : [ »

0 : { »

nodes : [ »

0 : { »

negate : false (boolean)

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 4.14.265 (string)

versionStartIncluding : 4.14.190 (string)

}

1 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 4.19.228 (string)

versionStartIncluding : 4.19.135 (string)

}

2 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 5.4.178 (string)

versionStartIncluding : 5.4.54 (string)

}

3 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 5.10.99 (string)

versionStartIncluding : 5.8 (string)

}

4 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 5.15.22 (string)

versionStartIncluding : 5.8 (string)

}

5 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 5.16.8 (string)

versionStartIncluding : 5.8 (string)

}

6 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 5.17 (string)

versionStartIncluding : 5.8 (string)

}

7 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionStartIncluding : 5.7.11 (string)

}

]

operator : OR (string)

}

]

}

]

providerMetadata : { »

orgId : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

shortName : Linux (string)

dateUpdated : 2025-05-04T12:43:37.798Z (string)

}

cveMetadata : { »

cveId : CVE-2022-48724 (string)

state : PUBLISHED (string)

dateUpdated : 2025-05-04T12:43:37.798Z (string)

dateReserved : 2024-06-20T11:09:39.051Z (string)

assignerOrgId : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

datePublished : 2024-06-20T11:13:14.644Z (string)

assignerShortName : Linux (string)

}

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "BA40F961-E64D-4826-AEA2-A045C11BF07B", "versionEndExcluding": "4.14.265", "versionStartIncluding": "4.14.190", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "22AF2090-4DCE-439F-BEA5-21158821FA0D", "versionEndExcluding": "4.19.228", "versionStartIncluding": "4.19.135", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "0ECB3887-292E-4352-91FF-5A9DAF2DB2F0", "versionEndExcluding": "5.4.178", "versionStartIncluding": "5.4.54", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "4BA1C188-F80B-4209-9D5D-6AA4BAFB916B", "versionEndExcluding": "5.8", "versionStartIncluding": "5.7.11", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "539F713A-F940-4698-BC87-245228B4AB3D", "versionEndExcluding": "5.10.99", "versionStartIncluding": "5.8", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "74528AA6-B524-4C3F-B188-1194235FE47D", "versionEndExcluding": "5.15.22", "versionStartIncluding": "5.11", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "0623892A-E3E4-44E6-8A5E-39A0B47AF782", "versionEndExcluding": "5.16.8", "versionStartIncluding": "5.16", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc1:*:*:*:*:*:*", "matchCriteriaId": "7BD5F8D9-54FA-4CB0-B4F0-CB0471FDDB2D", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:5.17:rc2:*:*:*:*:*:*", "matchCriteriaId": "E6E34B23-78B4-4516-9BD8-61B33F4AC49A", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/vt-d: Fix potential memory leak in intel_setup_irq_remapping()\n\nAfter commit e3beca48a45b (\"irqdomain/treewide: Keep firmware node\nunconditionally allocated\"). For tear down scenario, fn is only freed\nafter fail to allocate ir_domain, though it also should be freed in case\ndmar_enable_qi returns error.\n\nBesides free fn, irq_domain and ir_msi_domain need to be removed as well\nif intel_setup_irq_remapping fails to enable queued invalidation.\n\nImprove the rewinding path by add out_free_ir_domain and out_free_fwnode\nlables per Baolu's suggestion."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: iommu/vt-d: soluciona una posible p\u00e9rdida de memoria en intel_setup_irq_remapping() despu\u00e9s del commit e3beca48a45b (\"irqdomain/treewide: mantiene el nodo de firmware asignado incondicionalmente\"). Para el escenario de desmontaje, fn solo se libera despu\u00e9s de que no se puede asignar ir_domain, aunque tambi\u00e9n debe liberarse en caso de que dmar_enable_qi devuelva un error. Adem\u00e1s de free fn, irq_domain e ir_msi_domain tambi\u00e9n deben eliminarse si intel_setup_irq_remapping no logra habilitar la invalidaci\u00f3n en cola. Mejore la ruta de rebobinado agregando las etiquetas out_free_ir_domain y out_free_fwnode seg\u00fan la sugerencia de Baolu."}], "id": "CVE-2022-48724", "lastModified": "2024-11-21T07:33:52.053", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-06-20T12:15:10.900", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/336d096b62bdc673e852b6b80d5072d7888ce85d"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/5c43d46daa0d2928234dd2792ebebc35d29ee2d1"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/99e675d473eb8cf2deac1376a0f840222fc1adcf"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/9d9995b0371e4e8c18d4f955479e5d47efe7b2d4"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/a0c685ba99961b1dd894b2e470e692a539770f6d"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/a31cb1f0fb6caf46ffe88c41252b6b7a4ee062d9"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/b62eceb5f8f08815fe3f945fc55bbf997c344ecd"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/336d096b62bdc673e852b6b80d5072d7888ce85d"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/5c43d46daa0d2928234dd2792ebebc35d29ee2d1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/99e675d473eb8cf2deac1376a0f840222fc1adcf"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/9d9995b0371e4e8c18d4f955479e5d47efe7b2d4"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/a0c685ba99961b1dd894b2e470e692a539770f6d"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/a31cb1f0fb6caf46ffe88c41252b6b7a4ee062d9"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/b62eceb5f8f08815fe3f945fc55bbf997c344ecd"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-401"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : BA40F961-E64D-4826-AEA2-A045C11BF07B (string)

versionEndExcluding : 4.14.265 (string)

versionStartIncluding : 4.14.190 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 22AF2090-4DCE-439F-BEA5-21158821FA0D (string)

versionEndExcluding : 4.19.228 (string)

versionStartIncluding : 4.19.135 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 0ECB3887-292E-4352-91FF-5A9DAF2DB2F0 (string)

versionEndExcluding : 5.4.178 (string)

versionStartIncluding : 5.4.54 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 4BA1C188-F80B-4209-9D5D-6AA4BAFB916B (string)

versionEndExcluding : 5.8 (string)

versionStartIncluding : 5.7.11 (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 539F713A-F940-4698-BC87-245228B4AB3D (string)

versionEndExcluding : 5.10.99 (string)

versionStartIncluding : 5.8 (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 74528AA6-B524-4C3F-B188-1194235FE47D (string)

versionEndExcluding : 5.15.22 (string)

versionStartIncluding : 5.11 (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 0623892A-E3E4-44E6-8A5E-39A0B47AF782 (string)

versionEndExcluding : 5.16.8 (string)

versionStartIncluding : 5.16 (string)

vulnerable : true (boolean)

}

7 : { »

criteria : cpe:2.3:o:linux:linux_kernel:5.17:rc1:*:*:*:*:*:* (string)

matchCriteriaId : 7BD5F8D9-54FA-4CB0-B4F0-CB0471FDDB2D (string)

vulnerable : true (boolean)

}

8 : { »

criteria : cpe:2.3:o:linux:linux_kernel:5.17:rc2:*:*:*:*:*:* (string)

matchCriteriaId : E6E34B23-78B4-4516-9BD8-61B33F4AC49A (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix potential memory leak in intel_setup_irq_remapping() After commit e3beca48a45b ("irqdomain/treewide: Keep firmware node unconditionally allocated"). For tear down scenario, fn is only freed after fail to allocate ir_domain, though it also should be freed in case dmar_enable_qi returns error. Besides free fn, irq_domain and ir_msi_domain need to be removed as well if intel_setup_irq_remapping fails to enable queued invalidation. Improve the rewinding path by add out_free_ir_domain and out_free_fwnode lables per Baolu's suggestion. (string)

}

1 : { »

lang : es (string)

value : En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: iommu/vt-d: soluciona una posible pérdida de memoria en intel_setup_irq_remapping() después del commit e3beca48a45b ("irqdomain/treewide: mantiene el nodo de firmware asignado incondicionalmente"). Para el escenario de desmontaje, fn solo se libera después de que no se puede asignar ir_domain, aunque también debe liberarse en caso de que dmar_enable_qi devuelva un error. Además de free fn, irq_domain e ir_msi_domain también deben eliminarse si intel_setup_irq_remapping no logra habilitar la invalidación en cola. Mejore la ruta de rebobinado agregando las etiquetas out_free_ir_domain y out_free_fwnode según la sugerencia de Baolu. (string)

}

]

id : CVE-2022-48724 (string)

lastModified : 2024-11-21T07:33:52.053 (string)

metrics : { »

cvssMetricV31 : [ »

0 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : LOCAL (string)

availabilityImpact : HIGH (string)

baseScore : 5.5 (number)

baseSeverity : MEDIUM (string)

confidentialityImpact : NONE (string)

integrityImpact : NONE (string)

privilegesRequired : LOW (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (string)

version : 3.1 (string)

}

exploitabilityScore : 1.8 (number)

impactScore : 3.6 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2024-06-20T12:15:10.900 (string)

references : [ »

0 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/336d096b62bdc673e852b6b80d5072d7888ce85d (string)

}

1 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/5c43d46daa0d2928234dd2792ebebc35d29ee2d1 (string)

}

2 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/99e675d473eb8cf2deac1376a0f840222fc1adcf (string)

}

3 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/9d9995b0371e4e8c18d4f955479e5d47efe7b2d4 (string)

}

4 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/a0c685ba99961b1dd894b2e470e692a539770f6d (string)

}

5 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/a31cb1f0fb6caf46ffe88c41252b6b7a4ee062d9 (string)

}

6 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/b62eceb5f8f08815fe3f945fc55bbf997c344ecd (string)

}

7 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/336d096b62bdc673e852b6b80d5072d7888ce85d (string)

}

8 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/5c43d46daa0d2928234dd2792ebebc35d29ee2d1 (string)

}

9 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/99e675d473eb8cf2deac1376a0f840222fc1adcf (string)

}

10 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/9d9995b0371e4e8c18d4f955479e5d47efe7b2d4 (string)

}

11 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/a0c685ba99961b1dd894b2e470e692a539770f6d (string)

}

12 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/a31cb1f0fb6caf46ffe88c41252b6b7a4ee062d9 (string)

}

13 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://git.kernel.org/stable/c/b62eceb5f8f08815fe3f945fc55bbf997c344ecd (string)

}

]

sourceIdentifier : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

vulnStatus : Modified (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-401 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Show plain JSON

{"bugzilla": {"description": "kernel: iommu/vt-d: Fix potential memory leak in intel_setup_irq_remapping()", "id": "2293336", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293336"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.1", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:L", "status": "draft"}, "cwe": "CWE-402", "details": ["In the Linux kernel, the following vulnerability has been resolved:\niommu/vt-d: Fix potential memory leak in intel_setup_irq_remapping()\nAfter commit e3beca48a45b (\"irqdomain/treewide: Keep firmware node\nunconditionally allocated\"). For tear down scenario, fn is only freed\nafter fail to allocate ir_domain, though it also should be freed in case\ndmar_enable_qi returns error.\nBesides free fn, irq_domain and ir_msi_domain need to be removed as well\nif intel_setup_irq_remapping fails to enable queued invalidation.\nImprove the rewinding path by add out_free_ir_domain and out_free_fwnode\nlables per Baolu's suggestion."], "name": "CVE-2022-48724", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-06-20T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2022-48724\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-48724\nhttps://lore.kernel.org/linux-cve-announce/2024062057-CVE-2022-48724-6bcd@gregkh/T"], "threat_severity": "Low"}

{

bugzilla : { »

description : kernel: iommu/vt-d: Fix potential memory leak in intel_setup_irq_remapping() (string)

id : 2293336 (string)

url : https://bugzilla.redhat.com/show_bug.cgi?id=2293336 (string)

}

csaw : false (boolean)

cvss3 : { »

cvss3_base_score : 5.1 (string)

cvss3_scoring_vector : CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:L (string)

status : draft (string)

}

cwe : CWE-402 (string)

details : [ »

0 : In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix potential memory leak in intel_setup_irq_remapping() After commit e3beca48a45b ("irqdomain/treewide: Keep firmware node unconditionally allocated"). For tear down scenario, fn is only freed after fail to allocate ir_domain, though it also should be freed in case dmar_enable_qi returns error. Besides free fn, irq_domain and ir_msi_domain need to be removed as well if intel_setup_irq_remapping fails to enable queued invalidation. Improve the rewinding path by add out_free_ir_domain and out_free_fwnode lables per Baolu's suggestion. (string)

]

name : CVE-2022-48724 (string)

package_state : [ »

0 : { »

cpe : cpe:/o:redhat:enterprise_linux:6 (string)

fix_state : Out of support scope (string)

package_name : kernel (string)

product_name : Red Hat Enterprise Linux 6 (string)

}

1 : { »

cpe : cpe:/o:redhat:enterprise_linux:7 (string)

fix_state : Out of support scope (string)

package_name : kernel (string)

product_name : Red Hat Enterprise Linux 7 (string)

}

2 : { »

cpe : cpe:/o:redhat:enterprise_linux:7 (string)

fix_state : Out of support scope (string)

package_name : kernel-rt (string)

product_name : Red Hat Enterprise Linux 7 (string)

}

3 : { »

cpe : cpe:/o:redhat:enterprise_linux:8 (string)

fix_state : Affected (string)

package_name : kernel (string)

product_name : Red Hat Enterprise Linux 8 (string)

}

4 : { »

cpe : cpe:/o:redhat:enterprise_linux:8 (string)

fix_state : Affected (string)

package_name : kernel-rt (string)

product_name : Red Hat Enterprise Linux 8 (string)

}

5 : { »

cpe : cpe:/o:redhat:enterprise_linux:9 (string)

fix_state : Affected (string)

package_name : kernel (string)

product_name : Red Hat Enterprise Linux 9 (string)

}

6 : { »

cpe : cpe:/o:redhat:enterprise_linux:9 (string)

fix_state : Affected (string)

package_name : kernel-rt (string)

product_name : Red Hat Enterprise Linux 9 (string)

}

]

public_date : 2024-06-20T00:00:00Z (string)

references : [ »

0 : https://www.cve.org/CVERecord?id=CVE-2022-48724 https://nvd.nist.gov/vuln/detail/CVE-2022-48724 https://lore.kernel.org/linux-cve-announce/2024062057-CVE-2022-48724-6bcd@gregkh/T (string)

]

threat_severity : Low (string)

}

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object