CVE-2022-50540
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-10-07

Last updated on: 2026-02-26

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: dmaengine: qcom-adm: fix wrong sizeof config in slave_config Fix broken slave_config function that uncorrectly compare the peripheral_size with the size of the config pointer instead of the size of the config struct. This cause the crci value to be ignored and cause a kernel panic on any slave that use adm driver. To fix this, compare to the size of the struct and NOT the size of the pointer.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-10-07
Last Modified
2026-02-26
Generated
2026-06-16
AI Q&A
2025-10-07
EPSS Evaluated
2026-06-15
NVD
CVE-2022-50540
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
linux linux_kernel From 6.0 (inc) to 6.0.3 (inc)
linux kernel *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is in the Linux kernel's dmaengine driver for Qualcomm ADM. The issue is that the slave_config function incorrectly compares the peripheral_size with the size of a pointer to the config instead of the size of the actual config structure. This causes the crci value to be ignored and can lead to a kernel panic when any slave uses the ADM driver. The fix involves comparing the peripheral_size to the size of the config struct rather than the pointer size.

Impact Analysis

This vulnerability can cause a kernel panic on systems using the ADM driver with slaves, potentially leading to system crashes or instability. This can disrupt normal operations and may cause data loss or downtime.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2022-50540. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart