CVE-2022-50540

In the Linux kernel, the following vulnerability has been resolved:

dmaengine: qcom-adm: fix wrong sizeof config in slave_config

Fix broken slave_config function that uncorrectly compare the
peripheral_size with the size of the config pointer instead of the size
of the config struct. This cause the crci value to be ignored and cause
a kernel panic on any slave that use adm driver.

To fix this, compare to the size of the struct and NOT the size of the
pointer.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
UNKNOWN
---
LinuxCNA
---
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Debian logo
Debian Releases
Debian Product
Codename
linux
bullseye
5.10.223-1
not-affected
bullseye (security)
5.10.237-1
fixed
bookworm
6.1.148-1
fixed
bookworm (security)
6.1.153-1
fixed
trixie
6.12.43-1
fixed
trixie (security)
6.12.48-1
fixed
forky
6.16.9-1
fixed
sid
6.16.11-1
fixed
References
https://git.kernel.org/stable/c/7490274b41a432824f7df5071ace3df2ab59caa7
https://git.kernel.org/stable/c/7c8765308371be30f50c1b5b97618b731514b207
https://git.kernel.org/stable/c/f1dd45a6585a1689e1e8906b3f9e302b9d40c715