{"id":"CVE-2022-0854","details":"A memory leak flaw was found in the Linux kernel’s DMA subsystem, in the way a user calls DMA_FROM_DEVICE. This flaw allows a local user to read random memory from the kernel space.","modified":"2026-05-15T11:54:25.117002608Z","published":"2022-03-23T19:46:15Z","related":["ALSA-2022:7444","ALSA-2022:7683","ALSA-2022:7933","ALSA-2022:8267","SUSE-SU-2022:1163-1","SUSE-SU-2022:1183-1","SUSE-SU-2022:1197-1","SUSE-SU-2022:1257-1","SUSE-SU-2022:1407-1","SUSE-SU-2024:2929-1","SUSE-SU-2024:3249-1","SUSE-SU-2024:3499-1","SUSE-SU-2026:0263-1","SUSE-SU-2026:0317-1","SUSE-SU-2026:0350-1","SUSE-SU-2026:0369-1","SUSE-SU-2026:0411-1","SUSE-SU-2026:0617-1"],"database_specific":{"cwe_ids":["CWE-200"],"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/0xxx/CVE-2022-0854.json","cna_assigner":"redhat"},"references":[{"type":"WEB","url":"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/kernel/dma/swiotlb.c?h=v5.17-rc8&id=aa6f8dcbab473f3a3c7454b74caa46d36cdc5d13"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/0xxx/CVE-2022-0854.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-0854"},{"type":"ADVISORY","url":"https://www.debian.org/security/2022/dsa-5161"},{"type":"ADVISORY","url":"https://www.debian.org/security/2022/dsa-5173"},{"type":"ARTICLE","url":"https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html"}],"schema_version":"1.7.5"}