CVE-2022-49650

26.02.2025, 07:01

In the Linux kernel, the following vulnerability has been resolved:

dmaengine: qcom: bam_dma: fix runtime PM underflow

Commit dbad41e7bb5f ("dmaengine: qcom: bam_dma: check if the runtime pm enabled")
caused unbalanced pm_runtime_get/put() calls when the bam is
controlled remotely. This commit reverts it and just enables pm_runtime
in all cases, the clk_* functions already just nop when the clock is NULL.

Also clean up a bit by removing unnecessary bamclk null checks.

Wrap or Wraparound

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	5.5 MEDIUM	LOCAL	LOW	LOW	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Linux	CNA	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 6%

Vendor	Product	Version
linux	linux_kernel	4.17.1 ≤ 𝑥 < 5.15.54
linux	linux_kernel	5.16 ≤ 𝑥 < 5.18.11
linux	linux_kernel	4.17
linux	linux_kernel	4.17:rc6
linux	linux_kernel	4.17:rc7
linux	linux_kernel	5.19:rc1
linux	linux_kernel	5.19:rc2
linux	linux_kernel	5.19:rc3
linux	linux_kernel	5.19:rc4
linux	linux_kernel	5.19:rc5

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

linux

bullseye	vulnerable
bullseye (security)	vulnerable
bookworm	6.1.123-1 fixed
bookworm (security)	6.1.128-1 fixed
trixie	6.12.12-1 fixed
sid	6.12.16-1 fixed

Common Weakness Enumeration

CWE-191 - Integer Underflow (Wrap or Wraparound)
The product subtracts one value from another, such that the result is less than the minimum allowable integer value, which produces a value that is not equal to the correct result.

References

https://git.kernel.org/stable/c/0ac9c3dd0d6fe293cd5044cfad10bec27d171e4e

https://git.kernel.org/stable/c/2f6ded79068cac8cff41d5d5632564165d98ee12

https://git.kernel.org/stable/c/b702a1077b51fcb39507cc3bd39206f539319a96