CVE-2022-50540 - Vulnerability Details - OpenCVE

In the Linux kernel, the following vulnerability has been resolved: dmaengine: qcom-adm: fix wrong sizeof config in slave_config Fix broken slave_config function that uncorrectly compare the peripheral_size with the size of the config pointer instead of the size of the config struct. This cause the crci value to be ignored and cause a kernel panic on any slave that use adm driver. To fix this, compare to the size of the struct and NOT the size of the pointer.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

No data.

No data.

No data.

No data.

References

Link	Providers
https://git.kernel.org/stable/c/7490274b41a432824f7df5071ace3df2ab59caa7
https://git.kernel.org/stable/c/7c8765308371be30f50c1b5b97618b731514b207
https://git.kernel.org/stable/c/f1dd45a6585a1689e1e8906b3f9e302b9d40c715

History

Tue, 07 Oct 2025 15:30:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: dmaengine: qcom-adm: fix wrong sizeof config in slave_config Fix broken slave_config function that uncorrectly compare the peripheral_size with the size of the config pointer instead of the size of the config struct. This cause the crci value to be ignored and cause a kernel panic on any slave that use adm driver. To fix this, compare to the size of the struct and NOT the size of the pointer.
Title		dmaengine: qcom-adm: fix wrong sizeof config in slave_config
References		https://git.kernel.org/stable/c/7490274b41a432824f7df5071ace3df2ab59caa7 https://git.kernel.org/stable/c/7c8765308371be30f50c1b5b97618b731514b207 https://git.kernel.org/stable/c/f1dd45a6585a1689e1e8906b3f9e302b9d40c715

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-10-07T15:21:05.836Z

Updated: 2025-10-07T15:21:05.836Z

Reserved: 2025-10-07T15:15:38.667Z

Link: CVE-2022-50540

Vulnrichment

No data.

NVD

Status : Received

Published: 2025-10-07T16:15:38.320

Modified: 2025-10-07T16:15:38.320

Link: CVE-2022-50540

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2022-50540", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-10-07T15:15:38.667Z", "datePublished": "2025-10-07T15:21:05.836Z", "dateUpdated": "2025-10-07T15:21:05.836Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-10-07T15:21:05.836Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: qcom-adm: fix wrong sizeof config in slave_config\n\nFix broken slave_config function that uncorrectly compare the\nperipheral_size with the size of the config pointer instead of the size\nof the config struct. This cause the crci value to be ignored and cause\na kernel panic on any slave that use adm driver.\n\nTo fix this, compare to the size of the struct and NOT the size of the\npointer."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/dma/qcom/qcom_adm.c"], "versions": [{"version": "03de6b273805b3c552ff158f8688555937375926", "lessThan": "f1dd45a6585a1689e1e8906b3f9e302b9d40c715", "status": "affected", "versionType": "git"}, {"version": "03de6b273805b3c552ff158f8688555937375926", "lessThan": "7490274b41a432824f7df5071ace3df2ab59caa7", "status": "affected", "versionType": "git"}, {"version": "03de6b273805b3c552ff158f8688555937375926", "lessThan": "7c8765308371be30f50c1b5b97618b731514b207", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/dma/qcom/qcom_adm.c"], "versions": [{"version": "5.17", "status": "affected"}, {"version": "0", "lessThan": "5.17", "status": "unaffected", "versionType": "semver"}, {"version": "5.19.17", "lessThanOrEqual": "5.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.0.3", "lessThanOrEqual": "6.0.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.17", "versionEndExcluding": "5.19.17"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.17", "versionEndExcluding": "6.0.3"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.17", "versionEndExcluding": "6.1"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/f1dd45a6585a1689e1e8906b3f9e302b9d40c715"}, {"url": "https://git.kernel.org/stable/c/7490274b41a432824f7df5071ace3df2ab59caa7"}, {"url": "https://git.kernel.org/stable/c/7c8765308371be30f50c1b5b97618b731514b207"}], "title": "dmaengine: qcom-adm: fix wrong sizeof config in slave_config", "x_generator": {"engine": "bippy-1.2.0"}}}}