PT-2025-8012 · Linux+3 · Linux Kernel+3

Jamie Bainbridge

Published

2022-04-06

Updated

2025-05-22

CVE-2022-49084

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A issue in the Linux kernel has been identified where the qede build skb() function assumes that build skb() always allocates memory successfully and proceeds to call skb reserve(). However, under memory pressure, build skb() can fail to allocate memory and return NULL, leading to a kernel panic because it attempts to reserve a NULL skb. The problem is resolved by adding a check to handle the case where build skb() fails to allocate memory.

Recommendations For the affected Linux kernel versions, add a check in the qede build skb() function to handle the case where build skb() returns NULL, indicating a failed memory allocation. This check should prevent the kernel panic by correctly handling the NULL return value.

Exploit

Fix

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-476CWE-388

Related Identifiers

BDU:2025-06058

CVE-2022-49084

OESA-2025-1465

SUSE-SU-2025:1027-1

SUSE-SU-2025:1176-1

SUSE-SU-2025:1183-1

SUSE-SU-2025:1241-1

SUSE-SU-2025:1293-1

SUSE-SU-2025_1027-1

SUSE-SU-2025_1241-1

SUSE-SU-2025_1293-1

Affected Products

Astra Linux

Linux Kernel

Red Os

Suse

PT-2025-8012 · Linux+3 · Linux Kernel+3

CVE-2022-49084

Weakness Enumeration

Related Identifiers

Affected Products

References · 1524