PT-2025-8497 · Linux+3 · Linux Kernel+3

Giovanni Cabiddu

·

Published

2022-01-01

·

Updated

2026-03-14

·

CVE-2022-49564

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description A potential integer underflow issue has been identified in the Linux kernel's crypto subsystem, specifically in the QAT (Quick Assist Technology) module. This issue could occur when handling requests with a source buffer larger than the key size, potentially leading to problems when copying the source scatterlist into a linear buffer.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Integer Underflow

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-191

Related Identifiers

BDU:2026-02581
CVE-2022-49564
OESA-2025-1282
OESA-2025-1283
OESA-2025-1284
OPENSUSE-SU-2025_1213-1
OPENSUSE-SU-2025_1225-1
OPENSUSE-SU-2025_1248-1
OPENSUSE-SU-2025_1254-1
OPENSUSE-SU-2025_1259-1
OPENSUSE-SU-2025_1260-1
OPENSUSE-SU-2025_1262-1
OPENSUSE-SU-2025_1263-1
OPENSUSE-SU-2025_1275-1
SUSE-SU-2025:01907-1
SUSE-SU-2025:01908-1
SUSE-SU-2025:01956-1
SUSE-SU-2025:01958-1
SUSE-SU-2025:1027-1
SUSE-SU-2025:1176-1
SUSE-SU-2025:1183-1
SUSE-SU-2025:1194-1
SUSE-SU-2025:1213-1
SUSE-SU-2025:1225-1
SUSE-SU-2025:1231-1
SUSE-SU-2025:1236-1
SUSE-SU-2025:1241-1
SUSE-SU-2025:1248-1
SUSE-SU-2025:1254-1
SUSE-SU-2025:1259-1
SUSE-SU-2025:1260-1
SUSE-SU-2025:1262-1
SUSE-SU-2025:1263-1
SUSE-SU-2025:1275-1
SUSE-SU-2025:1278-1
SUSE-SU-2025:1293-1
SUSE-SU-2025:4123-1
SUSE-SU-2025_1027-1
SUSE-SU-2025_1241-1
SUSE-SU-2025_1263-1
SUSE-SU-2025_1293-1

Affected Products

Astra Linux
Debian
Linux Kernel
Suse