CVE-2022-50510

perf/smmuv3: Fix hotplug callback leak in arm_smmu_pmu_init()

Severity Score

5.5

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved: perf/smmuv3: Fix hotplug callback leak in arm_smmu_pmu_init() arm_smmu_pmu_init() won't remove the callback added by
cpuhp_setup_state_multi() when platform_driver_register() failed. Remove
the callback by cpuhp_remove_multi_state() in fail path. Similar to the handling of arm_ccn_init() in commit 26242b330093 ("bus:
arm-ccn: Prevent hotplug callback leak")

In the Linux kernel, the following vulnerability has been resolved: perf/smmuv3: Fix hotplug callback leak in arm_smmu_pmu_init() arm_smmu_pmu_init() won't remove the callback added by cpuhp_setup_state_multi() when platform_driver_register() failed. Remove the callback by cpuhp_remove_multi_state() in fail path. Similar to the handling of arm_ccn_init() in commit 26242b330093 ("bus: arm-ccn: Prevent hotplug callback leak")

*Credits: N/A

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Attack Vector

Local

Attack Complexity

Low

Authentication

None

Confidentiality

Partial

Integrity

None

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2025-10-07 CVE Reserved
2025-10-07 CVE Published
2026-05-03 EPSS Updated
2026-05-11 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (9)

URL	Tag	Source
https://git.kernel.org/stable/c/7d839b4b9e00645e49345d6ce5dfa8edf53c1a21	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/d69bdb61d577297d3851fc9f6403574bf73ef41f	2023-01-18
https://git.kernel.org/stable/c/359286f886feef38536eaa7e673dc3440f03b0a1	2023-01-14
https://git.kernel.org/stable/c/b131304fe722853cf26e55c4fa21fc58a36e7f21	2022-12-31
https://git.kernel.org/stable/c/f245ca9a0fe7f794a8187ad803d5e2ced5a11cb2	2022-12-31
https://git.kernel.org/stable/c/582babe17ea878ec1d76f30e03f3a6ce6e30eb91	2022-12-31
https://git.kernel.org/stable/c/6f2d566b46436a50a80d6445e82879686b89588c	2022-11-15

URL	Date	SRC
https://access.redhat.com/security/cve/CVE-2022-50510	2023-11-07
https://bugzilla.redhat.com/show_bug.cgi?id=2402300	2023-11-07

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.2 < 5.4.229 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.2 < 5.4.229"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.2 < 5.10.163 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.2 < 5.10.163"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.2 < 5.15.86 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.2 < 5.15.86"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.2 < 6.0.16 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.2 < 6.0.16"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.2 < 6.1.2 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.2 < 6.1.2"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.2 < 6.2 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.2 < 6.2"		en		Affected