CVE-2022-49650
📋 TL;DR
This CVE involves an unbalanced runtime power management (PM) issue in the Linux kernel's BAM DMA driver for Qualcomm chips. It causes PM underflow when the BAM is controlled remotely, potentially leading to system instability or crashes. Affected systems are those running vulnerable Linux kernel versions with Qualcomm BAM DMA functionality enabled.
💻 Affected Systems
- Linux kernel with Qualcomm BAM DMA driver
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
System crash or kernel panic leading to denial of service, potentially requiring physical reboot.
Likely Case
System instability, unexpected reboots, or performance degradation when DMA operations are active.
If Mitigated
Minimal impact if systems are patched or don't use the affected BAM DMA functionality.
🎯 Exploit Status
Exploitation requires specific hardware conditions and local access. This appears to be a stability bug rather than a security vulnerability with traditional exploitation paths.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Patches available in stable kernel trees via provided git commits
Vendor Advisory: https://git.kernel.org/stable/c/0ac9c3dd0d6fe293cd5044cfad10bec27d171e4e
Restart Required: Yes
Instructions:
1. Update Linux kernel to version containing fixes 0ac9c3dd0d6f, 2f6ded79068c, or b702a1077b51. 2. Rebuild kernel if compiling from source. 3. Reboot system to load new kernel.
🔧 Temporary Workarounds
Disable BAM DMA functionality
linuxIf not needed, disable Qualcomm BAM DMA driver via kernel configuration
echo 'blacklist qcom_bam_dma' >> /etc/modprobe.d/blacklist.conf
update-initramfs -u
reboot
🧯 If You Can't Patch
- Ensure systems don't use Qualcomm BAM DMA functionality
- Monitor system logs for instability or crash indicators related to DMA operations
🔍 How to Verify
Check if Vulnerable:
Check kernel version and if BAM DMA module is loaded: 'uname -r' and 'lsmod | grep bam_dma'Check Version:
uname -rVerify Fix Applied:
Verify kernel version is updated and check dmesg for BAM DMA initialization without PM errors📡 Detection & Monitoring
Log Indicators:
- Kernel panic messages
- PM runtime underflow errors in dmesg
- BAM DMA driver crash logs
Network Indicators:
- None - this is a local driver issue
SIEM Query:
source="kernel" AND ("bam_dma" OR "PM underflow" OR "runtime PM")