PT-2025-8448 · Linux+4 · Linux Kernel+4

Hui Wang

Published

2022-04-05

Updated

2025-09-29

CVE-2022-49515

CVSS v3.1

7.1

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to the version that includes the fix for the out-of-bounds access in otp packed element t

Description The issue is related to an out-of-bounds access in the Linux kernel, specifically in the cs35l41 driver. The problem occurs because the CS35L41 NUM OTP ELEM is defined as 100, but only 99 entries are defined in the array otp map 1/2, resulting in a shift-out-of-bounds warning when the last entry in the array is accessed. This warning is reported by UBSAN in the cs35l41 otp unpack function.

Recommendations As a temporary workaround, consider disabling the cs35l41 driver until a patch is available. Update to a Linux kernel version that includes the fix for the out-of-bounds access in otp packed element t.

Exploit

Fix

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125

Related Identifiers

ALSA-2025_16880

BDU:2026-03683

CESA-2022_7683

CVE-2022-49515

RHSA-2022:7683

RHSA-2022:8267

RHSA-2022_7683

RHSA-2022_8267

SUSE-SU-2025:1027-1

SUSE-SU-2025:1176-1

SUSE-SU-2025:1183-1

SUSE-SU-2025:1241-1

SUSE-SU-2025_1027-1

SUSE-SU-2025_1241-1

Affected Products

Astra Linux

Centos

Linux Kernel

Red Hat

Suse

PT-2025-8448 · Linux+4 · Linux Kernel+4

CVE-2022-49515

Weakness Enumeration

Related Identifiers

Affected Products

References · 1333