CVE-2022-50541 – A Linux kernel vulnerability in the TI K3-UDMA ... (How to Fix)

Q: What is the severity of CVE-2022-50541?

CVE-2022-50541 has a CVSS score of 5.5 (MEDIUM). A Linux kernel vulnerability in the TI K3-UDMA driver causes 32-bit byte counters to overflow when transferring more than 4GB of data, leading to indefinite transfer hangs. This affects systems using Texas Instruments K3 UDMA hardware with vulnerable kernel versions. The vulnerability requires local access to trigger.

📋 TL;DR

A Linux kernel vulnerability in the TI K3-UDMA driver causes 32-bit byte counters to overflow when transferring more than 4GB of data, leading to indefinite transfer hangs. This affects systems using Texas Instruments K3 UDMA hardware with vulnerable kernel versions. The vulnerability requires local access to trigger.

💻 Affected Systems

Products:

Linux kernel with TI K3-UDMA driver

Versions: Kernel versions before the fix commits (specific versions vary by distribution)

Operating Systems: Linux distributions using affected kernel versions

Default Config Vulnerable: ⚠️ Yes

Notes: Requires systems with Texas Instruments K3 UDMA hardware and DMA transfers exceeding 4GB.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Denial of service causing indefinite system hangs requiring physical intervention or reboot, potentially disrupting critical operations.

🟠

Likely Case

Local denial of service affecting DMA operations, causing specific transfers to hang and potentially impacting system performance.

🟢

If Mitigated

Minimal impact with proper patching; unpatched systems remain vulnerable to local DoS attacks.

🌐 Internet-Facing: LOW - Requires local access to trigger, not directly exploitable over network.

🏢 Internal Only: MEDIUM - Local users or processes can cause denial of service affecting DMA operations.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: LOW - Simple overflow condition requiring local access

Exploitation requires local access to trigger DMA transfers exceeding 4GB.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Kernel versions containing commits: 7c94dcfa8fcff2dba53915f1dabfee49a3df8b88, a065657643a62a24b4435ddcaea45f1e9378749e, d68da10b0cceb4177b653833e794b2923a4ffbd7, e0b16bfbd3a4a8d09614046335f4482313e7c0c4

Vendor Advisory: https://git.kernel.org/stable/c/7c94dcfa8fcff2dba53915f1dabfee49a3df8b88

Restart Required: Yes

Instructions:

1. Update Linux kernel to patched version from your distribution. 2. Reboot system to load new kernel. 3. Verify kernel version after reboot.

🔧 Temporary Workarounds

Limit DMA transfer sizes

linux

Configure applications to avoid DMA transfers exceeding 4GB to prevent counter overflow

🧯 If You Can't Patch

Restrict local user access to systems with TI K3 UDMA hardware
Monitor for DMA transfer failures and system hangs

🔍 How to Verify

Check if Vulnerable:

Check kernel version and confirm TI K3-UDMA driver is loaded: lsmod | grep k3-udma

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version is updated and contains the fix commits

📡 Detection & Monitoring

Log Indicators:

Kernel logs showing DMA transfer hangs
System performance degradation during large transfers

SIEM Query:

Search for kernel panic or hang events on systems with TI K3 hardware

📊 Metadata

CVE ID: CVE-2022-50541

CVSS v3 Score: 5.5 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Published: October 7, 2025

Last Updated: February 5, 2026

🤖 AI-assisted analysis, reviewed for accuracy

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON