CVE-2025-22049

LoongArch: Increase ARCH_DMA_MINALIGN up to 16

Description

In the Linux kernel, the following vulnerability has been resolved: LoongArch: Increase ARCH_DMA_MINALIGN up to 16 ARCH_DMA_MINALIGN is 1 by default, but some LoongArch-specific devices (such as APBDMA) require 16 bytes alignment. When the data buffer length is too small, the hardware may make an error writing cacheline. Thus, it is dangerous to allocate a small memory buffer for DMA. It's always safe to define ARCH_DMA_MINALIGN as L1_CACHE_BYTES but unnecessary (kmalloc() need small memory objects). Therefore, just increase it to 16.

N/A
CVSS
Severity:
EPSS 0.06%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/f39af67f03b564b763b06e44cb960c10a382d54a
https://git.kernel.org/stable/c/279ec25c2df49fba1cd9488f2ddd045d9cb2112e
https://git.kernel.org/stable/c/1d0def2d1658666ec1f32c9495df60e7411e3c82
https://git.kernel.org/stable/c/bfff341cac7c650e6ca8d10503725992f5564d0f
https://git.kernel.org/stable/c/8b82aea3666f8f2c78f86148d78aea99c46e0f82
https://git.kernel.org/stable/c/4103cfe9dcb88010ae4911d3ff417457d1b6a720

Frequently Asked Questions

What is the severity of CVE-2025-22049?
CVE-2025-22049 has not yet been assigned a CVSS score.
How to fix CVE-2025-22049?
To fix CVE-2025-22049, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2025-22049 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2025-22049 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2025-22049?
CVE-2025-22049 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.