CVE-2022-48904

Source
https://nvd.nist.gov/vuln/detail/CVE-2022-48904
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-48904.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2022-48904
Downstream
Related
Published
2024-08-22T01:30:28Z
Modified
2025-10-14T20:59:11.671376Z
Summary
iommu/amd: Fix I/O page table memory leak
Details

In the Linux kernel, the following vulnerability has been resolved:

iommu/amd: Fix I/O page table memory leak

The current logic updates the I/O page table mode for the domain before calling the logic to free memory used for the page table. This results in IOMMU page table memory leak, and can be observed when launching VM w/ pass-through devices.

Fix by freeing the memory used for page table before updating the mode.

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
e42ba0633064ef23eb1c8c21edf96bac1541bd4b
Fixed
378e2fe1eb58d5c2ed55c8fe5e11f9db5033cdd6
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
e42ba0633064ef23eb1c8c21edf96bac1541bd4b
Fixed
c78627f757e37c2cf386b59c700c4e1574988597
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
e42ba0633064ef23eb1c8c21edf96bac1541bd4b
Fixed
6b0b2d9a6a308bcd9300c2d83000a82812c56cea

Affected versions

v5.*

v5.11
v5.11-rc6
v5.11-rc7
v5.12
v5.12-rc1
v5.12-rc1-dontuse
v5.12-rc2
v5.12-rc3
v5.12-rc4
v5.12-rc5
v5.12-rc6
v5.12-rc7
v5.12-rc8
v5.13
v5.13-rc1
v5.13-rc2
v5.13-rc3
v5.13-rc4
v5.13-rc5
v5.13-rc6
v5.13-rc7
v5.14
v5.14-rc1
v5.14-rc2
v5.14-rc3
v5.14-rc4
v5.14-rc5
v5.14-rc6
v5.14-rc7
v5.15
v5.15-rc1
v5.15-rc2
v5.15-rc3
v5.15-rc4
v5.15-rc5
v5.15-rc6
v5.15-rc7
v5.15.1
v5.15.10
v5.15.11
v5.15.12
v5.15.13
v5.15.14
v5.15.15
v5.15.16
v5.15.17
v5.15.18
v5.15.19
v5.15.2
v5.15.20
v5.15.21
v5.15.22
v5.15.23
v5.15.24
v5.15.25
v5.15.26
v5.15.3
v5.15.4
v5.15.5
v5.15.6
v5.15.7
v5.15.8
v5.15.9
v5.16
v5.16-rc1
v5.16-rc2
v5.16-rc3
v5.16-rc4
v5.16-rc5
v5.16-rc6
v5.16-rc7
v5.16-rc8
v5.16.1
v5.16.10
v5.16.11
v5.16.12
v5.16.2
v5.16.3
v5.16.4
v5.16.5
v5.16.6
v5.16.7
v5.16.8
v5.16.9
v5.17-rc1
v5.17-rc2
v5.17-rc3
v5.17-rc4

Database specific

{
    "vanir_signatures": [
        {
            "id": "CVE-2022-48904-03fda12f",
            "signature_type": "Line",
            "target": {
                "file": "drivers/iommu/amd/io_pgtable.c"
            },
            "deprecated": false,
            "digest": {
                "line_hashes": [
                    "141309934316173352263090154744206221265",
                    "156365358467898981835299419373877886664",
                    "90338082794977363460089722983013530141",
                    "304647592045775861387212238540583054251",
                    "102158773101744283200855273705242063706",
                    "330090183383393708999654593995565908475",
                    "143305160483524099020323758819963888345",
                    "304956140165401180025197688978630042094"
                ],
                "threshold": 0.9
            },
            "signature_version": "v1",
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6b0b2d9a6a308bcd9300c2d83000a82812c56cea"
        },
        {
            "id": "CVE-2022-48904-0f6bca39",
            "signature_type": "Line",
            "target": {
                "file": "drivers/iommu/amd/io_pgtable.c"
            },
            "deprecated": false,
            "digest": {
                "line_hashes": [
                    "141309934316173352263090154744206221265",
                    "156365358467898981835299419373877886664",
                    "90338082794977363460089722983013530141",
                    "304647592045775861387212238540583054251",
                    "143232009286067666636277614315727474143",
                    "297722451202315982706500830816035762045",
                    "336011344512399370088908938614853847742",
                    "69712537499932375653454275110177318706"
                ],
                "threshold": 0.9
            },
            "signature_version": "v1",
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c78627f757e37c2cf386b59c700c4e1574988597"
        },
        {
            "id": "CVE-2022-48904-4b3c794a",
            "signature_type": "Function",
            "target": {
                "file": "drivers/iommu/amd/io_pgtable.c",
                "function": "v1_free_pgtable"
            },
            "deprecated": false,
            "digest": {
                "length": 524.0,
                "function_hash": "171315738255733908021047173056698153941"
            },
            "signature_version": "v1",
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@378e2fe1eb58d5c2ed55c8fe5e11f9db5033cdd6"
        },
        {
            "id": "CVE-2022-48904-c89a18be",
            "signature_type": "Function",
            "target": {
                "file": "drivers/iommu/amd/io_pgtable.c",
                "function": "v1_free_pgtable"
            },
            "deprecated": false,
            "digest": {
                "length": 484.0,
                "function_hash": "322583235995093329143920601558054555549"
            },
            "signature_version": "v1",
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@6b0b2d9a6a308bcd9300c2d83000a82812c56cea"
        },
        {
            "id": "CVE-2022-48904-f772bbfc",
            "signature_type": "Function",
            "target": {
                "file": "drivers/iommu/amd/io_pgtable.c",
                "function": "v1_free_pgtable"
            },
            "deprecated": false,
            "digest": {
                "length": 524.0,
                "function_hash": "171315738255733908021047173056698153941"
            },
            "signature_version": "v1",
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c78627f757e37c2cf386b59c700c4e1574988597"
        },
        {
            "id": "CVE-2022-48904-ff9c023f",
            "signature_type": "Line",
            "target": {
                "file": "drivers/iommu/amd/io_pgtable.c"
            },
            "deprecated": false,
            "digest": {
                "line_hashes": [
                    "141309934316173352263090154744206221265",
                    "156365358467898981835299419373877886664",
                    "90338082794977363460089722983013530141",
                    "304647592045775861387212238540583054251",
                    "143232009286067666636277614315727474143",
                    "297722451202315982706500830816035762045",
                    "336011344512399370088908938614853847742",
                    "69712537499932375653454275110177318706"
                ],
                "threshold": 0.9
            },
            "signature_version": "v1",
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@378e2fe1eb58d5c2ed55c8fe5e11f9db5033cdd6"
        }
    ]
}

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
5.12.0
Fixed
5.15.27
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
5.16.13