CVE-2022-48724

Summary

In the Linux kernel, the following vulnerability has been resolved:

iommu/vt-d: Fix potential memory leak in intel_setup_irq_remapping()

After commit e3beca48a45b ("irqdomain/treewide: Keep firmware node unconditionally allocated"). For tear down scenario, fn is only freed after fail to allocate ir_domain, though it also should be freed in case dmar_enable_qi returns error.

Besides free fn, irq_domain and ir_msi_domain need to be removed as well if intel_setup_irq_remapping fails to enable queued invalidation.

Improve the rewinding path by add out_free_ir_domain and out_free_fwnode lables per Baolu's suggestion.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux03992c88d71ba79d956f2ed54e370e630b8750f4 < a0c685ba99961b1dd894b2e470e692a539770f6daffected
LinuxLinuxc0c489e5430530a7021f4c889cd5931597e4b200 < a31cb1f0fb6caf46ffe88c41252b6b7a4ee062d9affected
LinuxLinux36f7355545725c5e9400520ae33e6ee16cf78c0e < 5c43d46daa0d2928234dd2792ebebc35d29ee2d1affected
LinuxLinuxe3beca48a45b5e0e6e6a4e0124276b8248dcc9bb < 9d9995b0371e4e8c18d4f955479e5d47efe7b2d4affected
LinuxLinuxe3beca48a45b5e0e6e6a4e0124276b8248dcc9bb < 336d096b62bdc673e852b6b80d5072d7888ce85daffected
LinuxLinuxe3beca48a45b5e0e6e6a4e0124276b8248dcc9bb < b62eceb5f8f08815fe3f945fc55bbf997c344ecdaffected
LinuxLinuxe3beca48a45b5e0e6e6a4e0124276b8248dcc9bb < 99e675d473eb8cf2deac1376a0f840222fc1adcfaffected
LinuxLinuxb4198ecddb87cd955aa9e024dd656af5ceaf6196affected
LinuxLinux4.14.190 < 4.14.265affected
LinuxLinux4.19.135 < 4.19.228affected
LinuxLinux5.4.54 < 5.4.178affected
LinuxLinux5.7.11 < 5.8affected
LinuxLinux5.8affected
LinuxLinux0 < 5.8unaffected
LinuxLinux4.14.265 <= 4.14.*unaffected
LinuxLinux4.19.228 <= 4.19.*unaffected
LinuxLinux5.4.178 <= 5.4.*unaffected
LinuxLinux5.10.99 <= 5.10.*unaffected
LinuxLinux5.15.22 <= 5.15.*unaffected
LinuxLinux5.16.8 <= 5.16.*unaffected
LinuxLinux5.17 <= *unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References