AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

CVE-2022-50055: In the Linux kernel, the following vulnerability has been resolved: iavf: Fix adminq error handling iavf_alloc_asq_buf

mediumvulnerability

security

Source: NVD/CVE DatabaseJune 18, 2025CVE-2022-50055

Summary

A bug in the Linux kernel's iavf driver caused memory leaks when the driver shut down, because it wasn't properly freeing DMA memory (memory allocated for direct communication between the CPU and a network card) that was used for the VF mailbox (a communication channel between a virtual network function and its parent device). This left orphaned memory blocks that the system couldn't reclaim.

Solution / Mitigation

Free DMA regions for both ASQ and ARQ (the send and receive queues for the mailbox) in case an error happens during configuration of ASQ/ARQ registers, instead of leaving them allocated.

Vulnerability Details

CVSS Score

5.5(medium)

EPSS (30-day exploit probability)

EPSS: 0.0%

Classification

Attack SophisticationModerate

Original source: https://nvd.nist.gov/vuln/detail/CVE-2022-50055

First tracked: February 15, 2026 at 08:52 PM

Classified by LLM (prompt v3) · confidence: 95%