{"id":"CVE-2022-49320","summary":"dmaengine: zynqmp_dma: In struct zynqmp_dma_chan fix desc_size data type","details":"In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: zynqmp_dma: In struct zynqmp_dma_chan fix desc_size data type\n\nIn zynqmp_dma_alloc/free_chan_resources functions there is a\npotential overflow in the below expressions.\n\ndma_alloc_coherent(chan-\u003edev, (2 * chan-\u003edesc_size *\n\t\t   ZYNQMP_DMA_NUM_DESCS),\n\t\t   &chan-\u003edesc_pool_p, GFP_KERNEL);\n\ndma_free_coherent(chan-\u003edev,(2 * ZYNQMP_DMA_DESC_SIZE(chan) *\n                 ZYNQMP_DMA_NUM_DESCS),\n                chan-\u003edesc_pool_v, chan-\u003edesc_pool_p);\n\nThe arguments desc_size and ZYNQMP_DMA_NUM_DESCS were 32 bit. Though\nthis overflow condition is not observed but it is a potential problem\nin the case of 32-bit multiplication. Hence fix it by changing the\ndesc_size data type to size_t.\n\nIn addition to coverity fix it also reuse ZYNQMP_DMA_DESC_SIZE macro in\ndma_alloc_coherent API argument.\n\nAddresses-Coverity: Event overflow_before_widen.","modified":"2026-04-11T12:43:53.873941Z","published":"2025-02-26T02:10:45.703Z","related":["SUSE-SU-2025:01982-1","SUSE-SU-2025:01983-1","SUSE-SU-2025:1027-1","SUSE-SU-2025:1176-1","SUSE-SU-2025:1183-1","SUSE-SU-2025:1194-1","SUSE-SU-2025:1241-1","SUSE-SU-2025:1263-1"],"database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49320.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/4838969e4d95d2bd2995d1605b20d3144fcb3e74"},{"type":"WEB","url":"https://git.kernel.org/stable/c/7b5488f4721fed6e121e661e165bab06ae2f8675"},{"type":"WEB","url":"https://git.kernel.org/stable/c/83960276ffc9bf5570d4106490346b61e61be5f3"},{"type":"WEB","url":"https://git.kernel.org/stable/c/90aefae2e3a770a6909d339f5d8a988c0b0ceaf0"},{"type":"WEB","url":"https://git.kernel.org/stable/c/95a0ba85c1b51b36e909841c02d205cd223ab753"},{"type":"WEB","url":"https://git.kernel.org/stable/c/f9a9f43a62a04ec3183fb0da9226c7706eed0115"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/49xxx/CVE-2022-49320.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-49320"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"b0cc417c1637192be658e68a74c8d1568e3d35f6"},{"fixed":"83960276ffc9bf5570d4106490346b61e61be5f3"},{"fixed":"95a0ba85c1b51b36e909841c02d205cd223ab753"},{"fixed":"7b5488f4721fed6e121e661e165bab06ae2f8675"},{"fixed":"4838969e4d95d2bd2995d1605b20d3144fcb3e74"},{"fixed":"90aefae2e3a770a6909d339f5d8a988c0b0ceaf0"},{"fixed":"f9a9f43a62a04ec3183fb0da9226c7706eed0115"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49320.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"4.8.0"},{"fixed":"5.4.198"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.5.0"},{"fixed":"5.10.122"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.11.0"},{"fixed":"5.15.47"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.16.0"},{"fixed":"5.17.15"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.18.0"},{"fixed":"5.18.4"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-49320.json"}}],"schema_version":"1.7.5"}