{
  "threat_severity" : "Moderate",
  "public_date" : "2025-06-18T00:00:00Z",
  "bugzilla" : {
    "description" : "kernel: usb: cdns3: fix random warning message when driver load",
    "id" : "2373554",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2373554"
  },
  "cvss3" : {
    "cvss3_base_score" : "4.7",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
    "status" : "verified"
  },
  "details" : [ "In the Linux kernel, the following vulnerability has been resolved:\nusb: cdns3: fix random warning message when driver load\nWarning log:\n[    4.141392] Unexpected gfp: 0x4 (GFP_DMA32). Fixing up to gfp: 0xa20 (GFP_ATOMIC). Fix your code!\n[    4.150340] CPU: 1 PID: 175 Comm: 1-0050 Not tainted 5.15.5-00039-g2fd9ae1b568c #20\n[    4.158010] Hardware name: Freescale i.MX8QXP MEK (DT)\n[    4.163155] Call trace:\n[    4.165600]  dump_backtrace+0x0/0x1b0\n[    4.169286]  show_stack+0x18/0x68\n[    4.172611]  dump_stack_lvl+0x68/0x84\n[    4.176286]  dump_stack+0x18/0x34\n[    4.179613]  kmalloc_fix_flags+0x60/0x88\n[    4.183550]  new_slab+0x334/0x370\n[    4.186878]  ___slab_alloc.part.108+0x4d4/0x748\n[    4.191419]  __slab_alloc.isra.109+0x30/0x78\n[    4.195702]  kmem_cache_alloc+0x40c/0x420\n[    4.199725]  dma_pool_alloc+0xac/0x1f8\n[    4.203486]  cdns3_allocate_trb_pool+0xb4/0xd0\npool_alloc_page(struct dma_pool *pool, gfp_t mem_flags)\n{\n...\npage = kmalloc(sizeof(*page), mem_flags);\npage->vaddr = dma_alloc_coherent(pool->dev, pool->allocation,\n&page->dma, mem_flags);\n...\n}\nkmalloc was called with mem_flags, which is passed down in\ncdns3_allocate_trb_pool() and have GFP_DMA32 flags.\nkmall_fix_flags() report warning.\nGFP_DMA32 is not useful at all. dma_alloc_coherent() will handle\nDMA memory region correctly by pool->dev. GFP_DMA32 can be removed\nsafely." ],
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2023-05-09T00:00:00Z",
    "advisory" : "RHSA-2023:2458",
    "cpe" : "cpe:/a:redhat:enterprise_linux:9",
    "package" : "kernel-0:5.14.0-284.11.1.el9_2"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2023-05-09T00:00:00Z",
    "advisory" : "RHSA-2023:2458",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9",
    "package" : "kernel-0:5.14.0-284.11.1.el9_2"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 10",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:10"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Not affected",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Not affected",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Fix deferred",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2022-50151\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-50151\nhttps://lore.kernel.org/linux-cve-announce/2025061822-CVE-2022-50151-6132@gregkh/T" ],
  "name" : "CVE-2022-50151",
  "csaw" : false
}