CVE-2025-22049 — Linux vulnerability

6 documents6 sources

Severity

5.5MEDIUMNVD

EPSS

0.1%

top 76.27%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux +3 more

Timeline

PublishedApr 16

Description

In the Linux kernel, the following vulnerability has been resolved: LoongArch: Increase ARCH_DMA_MINALIGN up to 16 ARCH_DMA_MINALIGN is 1 by default, but some LoongArch-specific devices (such as APBDMA) require 16 bytes alignment. When the data buffer length is too small, the hardware may make an error writing cacheline. Thus, it is dangerous to allocate a small memory buffer for DMA. It's always safe to define ARCH_DMA_MINALIGN as L1_CACHE_BYTES but unnecessary (kmalloc() need small memory ob…

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages7 packages

▶NVDlinux/linux_kernel5.19 — 6.1.134+4

▶Debianlinux/linux_kernel< 6.1.135-1+2

▶msrcmsrc/azl3_kernel_6.6.85.1-4_on_azure_linux_3.0

▶msrcmsrc/azl3_kernel_6.6.92.2-1_on_azure_linux_3.0

▶CVEListV5linux/linuxfa96b57c149061f71a70bd6582d995f6424fbbf4 — f39af67f03b564b763b06e44cb960c10a382d54a+6

Patches

Patch: git.kernel.org ↗Patch: git.kernel.org ↗Patch: git.kernel.org ↗

🔴Vulnerability Details

GHSA

GHSA-q8p5-jh8j-ww29: In the Linux kernel, the following vulnerability has been resolved: LoongArch: Increase ARCH_DMA_MINALIGN up to 16 ARCH_DMA_MINALIGN is 1 by default↗2025-04-16

▶

OSV

CVE-2025-22049: In the Linux kernel, the following vulnerability has been resolved: LoongArch: Increase ARCH_DMA_MINALIGN up to 16 ARCH_DMA_MINALIGN is 1 by default,↗2025-04-16

▶

📋Vendor Advisories

Red Hat

kernel: LoongArch: Increase ARCH_DMA_MINALIGN up to 16↗2025-04-16

▶

Microsoft

LoongArch: Increase ARCH_DMA_MINALIGN up to 16↗2025-04-08

▶

Debian

CVE-2025-22049: linux - In the Linux kernel, the following vulnerability has been resolved: LoongArch: ...↗2025

▶