DEBIAN-CVE-2025-22049

DEBIAN-CVE-2025-22049 PUBLISHED CVSS 5.5 MEDIUM

In the Linux kernel, the following vulnerability has been resolved: LoongArch: Increase ARCH_DMA_MINALIGN up to 16 ARCH_DMA_MINALIGN is 1 by default, but some LoongArch-specific devices (such as APBDMA) require 16 bytes alignment. When the data buffer length is too small, the hardware may make an error writing cacheline. Thus, it is dangerous to allocate a small memory buffer for DMA. It's always safe to define ARCH_DMA_MINALIGN as L1_CACHE_BYTES but unnecessary (kmalloc() need small memory objects). Therefore, just increase it to 16.

Risk Scores

CVSS v3.1

5.5

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products

Vendor	Product	Versions
Debian:12	linux	6.1.106-3, 6.1.55-1, 6.1.55-1
Debian:14	linux	0, 0
Debian:13	linux	0, 0
Debian:11	linux-6.1	6.1.106-3~deb11u1, 6.1.106-3~deb11u2, 6.1.106-3~deb11u3

Timeline

Apr 16, 2025 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2025-22049 advisory

Open in Interactive Console →