Description

In the Linux kernel, the following vulnerability has been resolved: vdpa_sim_blk: set number of address spaces and virtqueue groups Commit bda324fd037a ("vdpasim: control virtqueue support") added two new fields (nas, ngroups) to vdpasim_dev_attr, but we forgot to initialize them for vdpa_sim_blk. When creating a new vdpa_sim_blk device this causes the kernel to panic in this way:    $ vdpa dev add mgmtdev vdpasim_blk name blk0    BUG: kernel NULL pointer dereference, address: 0000000000000030    ...    RIP: 0010:vhost_iotlb_add_range_ctx+0x41/0x220 [vhost_iotlb]    ...    Call Trace:     <TASK>     vhost_iotlb_add_range+0x11/0x800 [vhost_iotlb]     vdpasim_map_range+0x91/0xd0 [vdpa_sim]     vdpasim_alloc_coherent+0x56/0x90 [vdpa_sim]     ... This happens because vdpasim->iommu[0] is not initialized when dev_attr.nas is 0. Let's fix this issue by initializing both (nas, ngroups) to 1 for vdpa_sim_blk.

INFO

Published Date :

2025-06-18T11:02:06.988Z

Last Modified :

2025-06-18T11:02:06.988Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2022-50058 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2022-50058.

URL Resource
https://git.kernel.org/stable/c/19cd4a5471b8eaa4bd161b0fdb4567f2fc88d809 cve-icon cve-icon
https://git.kernel.org/stable/c/a291c7d289fac2cb13fb2614a9a251afbbd86ce9 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2025061848-CVE-2022-50058-212f@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2022-50058 cve-icon
https://www.cve.org/CVERecord?id=CVE-2022-50058 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact