{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2022-49500","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2025-02-26T02:08:31.586Z","datePublished":"2025-02-26T02:13:34.223Z","dateUpdated":"2025-05-04T08:39:16.013Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2025-05-04T08:39:16.013Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nwl1251: dynamically allocate memory used for DMA\n\nWith introduction of vmap'ed stacks, stack parameters can no\nlonger be used for DMA and now leads to kernel panic.\n\nIt happens at several places for the wl1251 (e.g. when\naccessed through SDIO) making it unuseable on e.g. the\nOpenPandora.\n\nWe solve this by allocating temporary buffers or use wl1251_read32().\n\nTested on v5.18-rc5 with OpenPandora."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/net/wireless/ti/wl1251/event.c","drivers/net/wireless/ti/wl1251/io.c","drivers/net/wireless/ti/wl1251/tx.c"],"versions":[{"version":"a1c510d0adc604bb143c86052bc5be48cbcfa17c","lessThan":"da03bbfbf5acd1ab0b074617e865ad1e8a5779ef","status":"affected","versionType":"git"},{"version":"a1c510d0adc604bb143c86052bc5be48cbcfa17c","lessThan":"454744754cbf2c21b3fc7344e46e10bee2768094","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["drivers/net/wireless/ti/wl1251/event.c","drivers/net/wireless/ti/wl1251/io.c","drivers/net/wireless/ti/wl1251/tx.c"],"versions":[{"version":"5.18","status":"affected"},{"version":"0","lessThan":"5.18","status":"unaffected","versionType":"semver"},{"version":"5.18.3","lessThanOrEqual":"5.18.*","status":"unaffected","versionType":"semver"},{"version":"5.19","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.18","versionEndExcluding":"5.18.3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.18","versionEndExcluding":"5.19"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/da03bbfbf5acd1ab0b074617e865ad1e8a5779ef"},{"url":"https://git.kernel.org/stable/c/454744754cbf2c21b3fc7344e46e10bee2768094"}],"title":"wl1251: dynamically allocate memory used for DMA","x_generator":{"engine":"bippy-1.2.0"}}}}