PT-2025-7989 · Linux+3 · Linux Kernel+3

Published

2022-04-07

Updated

2025-05-22

CVE-2022-49061

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A null-pointer dereference issue in the altr tse pcs function occurs when using a fixed-link, causing the driver to crash. This happens because no phy device is provided to the tse pcs fix mac speed() function. The issue is resolved by adding a check for phy dev before calling tse pcs fix mac speed(). Additionally, the tse pcs fix mac speed function is cleaned up by removing unnecessary checks for splitter base and sgmii adapter base, as the driver will fail if these variables are not derived from the device tree.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-476

Related Identifiers

BDU:2025-06013

CVE-2022-49061

SUSE-SU-2025:1027-1

SUSE-SU-2025:1176-1

SUSE-SU-2025:1183-1

SUSE-SU-2025:1241-1

SUSE-SU-2025_1027-1

SUSE-SU-2025_1241-1

Affected Products

Astra Linux

Linux Kernel

Red Os

Suse

PT-2025-7989 · Linux+3 · Linux Kernel+3

CVE-2022-49061

Weakness Enumeration

Related Identifiers

Affected Products

References · 1341