CVE-2022-50822: RDMA/restrack: Release MR restrack when delete
In the Linux kernel, the following vulnerability has been resolved:
RDMA/restrack: Release MR restrack when delete
The MR restrack also needs to be released when delete it, otherwise it
cause memory leak as the task struct won't be released.
Security readout for executives and security teams
Plain-English summary
This is a Linux kernel RDMA memory-management bug. When a memory region is deleted, related tracking data is not released, leaving task structures in memory. The public record describes a memory leak, not direct code execution or data theft. Business urgency depends on whether affected kernels with RDMA functionality are deployed.
Executive priority
Treat this as a targeted kernel hygiene item, not an emergency, unless RDMA is widely used in critical infrastructure. Patch through normal Linux kernel maintenance cycles, with faster handling for RDMA-heavy clusters or systems showing memory pressure.
Technical view
The fixed issue is in Linux kernel RDMA resource tracking. MR restrack state was not released on delete, preventing associated task_struct memory from being freed. The source bundle lists Linux kernel versions and stable kernel commits, but provides no CVSS, CWE, exploitability analysis, or distribution-specific package status.
Likely exposure
Exposure is most plausible on Linux systems running affected kernel builds where RDMA functionality is present or used. The bundle lists Linux kernel version data, but does not provide clear distribution package mappings or complete affected-range semantics.
Exploitation context
The source bundle does not cite active exploitation, and KEV is false. Available evidence supports a memory leak impact in kernel RDMA handling. It does not establish remote exploitability, privilege requirements, denial-of-service reliability, or weaponized exploitation.
Researcher notes
Key missing details are CVSS, CWE, attack preconditions, reachable paths, and distro backports. The record’s affected-version data is not enough to determine every exposed package. Analysis should focus on RDMA MR lifecycle handling and whether the fix is present in deployed kernels.
Mitigation direction
Identify Linux hosts using RDMA-capable kernels or RDMA workloads.
Check vendor kernel advisories for CVE-2022-50822 package status.
Upgrade to a kernel containing the referenced stable fixes.
Prioritize RDMA-enabled servers and high-uptime systems.
Monitor vendor guidance because source detail is limited.
Validation and detection
Inventory kernel versions across Linux fleets.
Check whether RDMA modules, devices, or workloads are present.
Confirm installed kernel changelogs include the referenced fix commits.
Review system memory trends for unexplained kernel-side growth.
Validate remediation through vendor package metadata, not version strings alone.
Generated from the cited source records. This long-tail analysis has not been individually reviewed by a named human.
Potential ATT&CK relevance
Conservative CVE-to-ATT&CK context
These mappings and lookup hints may be relevant to the vulnerability behavior, CWE, affected product, or exposure path. Glexia-inferred context is not an official MITRE, ATT&CK, CWE, or CVE Program mapping.
ATT&CK lookup starting points
Use these exact CWE pages and searches to review the Glexia ATT&CK library from this CVE's weakness and description context.
cve · low confidence lookup
CVE-2022-50822 mapping review
Open the CVE-to-ATT&CK bridge for reviewed, inferred, or future official mappings tied to this CVE.
These fields come from the CVE record and ADP containers, not from Glexia's Take. They preserve time-varying source decisions such as CISA SSVC, KEV status, CVSS metrics, and provider references.
0CVSS vectors
3Timeline events
0ADP providers
5Source links
Vulnerability timeline
Timeline events are normalized from CVE metadata, CNA source timelines, ADP timelines, and KEV metadata when present.
CVE reservedCVE Program
The CVE ID was reserved by the assigning CNA.
CVE publishedCVE Program
The CVE record was published.
Dec 30, 2025, 12:08 UTC (UTC+00:00)
CVE updatedCVE Program
The CVE record metadata indicates this as the latest update time.