PT-2025-8254 · Linux+2 · Linux Kernel+2

Published

2022-05-16

Updated

2025-06-17

CVE-2022-49320

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A potential overflow issue has been identified in the Linux kernel, specifically in the zynqmp dma component. The issue arises from the use of 32-bit data types for desc size and ZYNQMP DMA NUM DESCS in the zynqmp dma alloc and zynqmp dma free chan resources functions. Although this overflow condition has not been observed, it poses a potential problem due to 32-bit multiplication. The issue has been resolved by changing the desc size data type to size t and reusing the ZYNQMP DMA DESC SIZE macro in the dma alloc coherent API argument.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Integer Overflow

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-190CWE-120

Related Identifiers

BDU:2026-02649

CVE-2022-49320

OPENSUSE-SU-2025_1263-1

SUSE-SU-2025:01982-1

SUSE-SU-2025:01983-1

SUSE-SU-2025:1027-1

SUSE-SU-2025:1176-1

SUSE-SU-2025:1183-1

SUSE-SU-2025:1194-1

SUSE-SU-2025:1241-1

SUSE-SU-2025:1263-1

SUSE-SU-2025_01982-1

SUSE-SU-2025_01983-1

SUSE-SU-2025_1027-1

SUSE-SU-2025_1241-1

SUSE-SU-2025_1263-1

Affected Products

Astra Linux

Linux Kernel

Suse

PT-2025-8254 · Linux+2 · Linux Kernel+2

CVE-2022-49320

Weakness Enumeration

Related Identifiers

Affected Products

References · 1726