PT-2025-1375 · Linux+3 · Linux Kernel+3

Published

2022-09-24

Updated

2025-03-11

CVE-2022-49035

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A vulnerability in the Linux kernel has been resolved, specifically in the media: s5p cec component, where the msg.len is limited to CEC MAX MSG SIZE. This change is intended to handle a corner case where the hardware may not have limited the message length to 16.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Allocation of Resources Without Limits

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-770CWE-20

Related Identifiers

BDU:2025-01976

CVE-2022-49035

OESA-2025-1034

OESA-2025-1035

OPENSUSE-SU-2025_0201-1

OPENSUSE-SU-2025_0202-1

OPENSUSE-SU-2025_0203-1

OPENSUSE-SU-2025_0229-1

SUSE-SU-2025:0201-1

SUSE-SU-2025:0201-2

SUSE-SU-2025:0202-1

SUSE-SU-2025:0203-1

SUSE-SU-2025:0229-1

SUSE-SU-2025:0230-1

SUSE-SU-2025:0231-1

SUSE-SU-2025:0236-1

SUSE-SU-2025_0201-1

SUSE-SU-2025_0201-2

SUSE-SU-2025_0202-1

SUSE-SU-2025_0203-1

SUSE-SU-2025_0236-1

Affected Products

Astra Linux

Linux Kernel

Red Os

Suse

PT-2025-1375 · Linux+3 · Linux Kernel+3

CVE-2022-49035

Weakness Enumeration

Related Identifiers

Affected Products

References · 532