LiveActive security incident?Get immediate response
CVE Record

CVE-2022-50822: RDMA/restrack: Release MR restrack when delete

In the Linux kernel, the following vulnerability has been resolved: RDMA/restrack: Release MR restrack when delete The MR restrack also needs to be released when delete it, otherwise it cause memory leak as the task struct won't be released.

UnknownCVSS not scoredNot KEV-listedUpdated
Glexia's TakeAutomated analysisunknown

Security readout for executives and security teams

Plain-English summary

This is a Linux kernel RDMA memory-management bug. When a memory region is deleted, related tracking data is not released, leaving task structures in memory. The public record describes a memory leak, not direct code execution or data theft. Business urgency depends on whether affected kernels with RDMA functionality are deployed.

Executive priority

Treat this as a targeted kernel hygiene item, not an emergency, unless RDMA is widely used in critical infrastructure. Patch through normal Linux kernel maintenance cycles, with faster handling for RDMA-heavy clusters or systems showing memory pressure.

Technical view

The fixed issue is in Linux kernel RDMA resource tracking. MR restrack state was not released on delete, preventing associated task_struct memory from being freed. The source bundle lists Linux kernel versions and stable kernel commits, but provides no CVSS, CWE, exploitability analysis, or distribution-specific package status.

Likely exposure

Exposure is most plausible on Linux systems running affected kernel builds where RDMA functionality is present or used. The bundle lists Linux kernel version data, but does not provide clear distribution package mappings or complete affected-range semantics.

Exploitation context

The source bundle does not cite active exploitation, and KEV is false. Available evidence supports a memory leak impact in kernel RDMA handling. It does not establish remote exploitability, privilege requirements, denial-of-service reliability, or weaponized exploitation.

Researcher notes

Key missing details are CVSS, CWE, attack preconditions, reachable paths, and distro backports. The record’s affected-version data is not enough to determine every exposed package. Analysis should focus on RDMA MR lifecycle handling and whether the fix is present in deployed kernels.

Mitigation direction

  • Identify Linux hosts using RDMA-capable kernels or RDMA workloads.
  • Check vendor kernel advisories for CVE-2022-50822 package status.
  • Upgrade to a kernel containing the referenced stable fixes.
  • Prioritize RDMA-enabled servers and high-uptime systems.
  • Monitor vendor guidance because source detail is limited.

Validation and detection

  • Inventory kernel versions across Linux fleets.
  • Check whether RDMA modules, devices, or workloads are present.
  • Confirm installed kernel changelogs include the referenced fix commits.
  • Review system memory trends for unexplained kernel-side growth.
  • Validate remediation through vendor package metadata, not version strings alone.
Prepared
Confidence
medium
Sources
6

Generated from the cited source records. This long-tail analysis has not been individually reviewed by a named human.

Potential ATT&CK relevance

Conservative CVE-to-ATT&CK context

These mappings and lookup hints may be relevant to the vulnerability behavior, CWE, affected product, or exposure path. Glexia-inferred context is not an official MITRE, ATT&CK, CWE, or CVE Program mapping.

ATT&CK lookup starting points

Use these exact CWE pages and searches to review the Glexia ATT&CK library from this CVE's weakness and description context.

cve · low confidence lookup

CVE-2022-50822 mapping review

Open the CVE-to-ATT&CK bridge for reviewed, inferred, or future official mappings tied to this CVE.

Open ATT&CK lookup
Vulnerability profileCVE Program record
Severity
Unknown
CVSS
Not scored
Known Exploited
No
Published
Official CVE source material

CNA and ADP enrichment extracted from CVE v5

These fields come from the CVE record and ADP containers, not from Glexia's Take. They preserve time-varying source decisions such as CISA SSVC, KEV status, CVSS metrics, and provider references.

0CVSS vectors
3Timeline events
0ADP providers
5Source links

Vulnerability timeline

Timeline events are normalized from CVE metadata, CNA source timelines, ADP timelines, and KEV metadata when present.

  1. CVE reservedCVE Program

    The CVE ID was reserved by the assigning CNA.

  2. CVE publishedCVE Program

    The CVE record was published.

  3. CVE updatedCVE Program

    The CVE record metadata indicates this as the latest update time.

Affected products

Products and packages named in the record

VendorProductVersion / packageStatus
LinuxLinux13ef5539def732dc7b9c58c320d97a0a95b52634, 13ef5539def732dc7b9c58c320d97a0a95b52634, 13ef5539def732dc7b9c58c320d97a0a95b52634, 13ef5539def732dc7b9c58c320d97a0a95b52634unaffected
LinuxLinux5.10, 0, 5.15.86, 6.0.16, 6.1.2, 6.2affected
Weakness

CWE details

No CWE listed

CWE links open Glexia weakness intelligence pages with official CWE context, developer remediation guidance, and related CVE mappings.