PT-2025-8514 · Linux+2 · Linux Kernel+2

Hristo Venev

Published

2022-07-19

Updated

2025-04-16

CVE-2022-49581

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A buffer overflow issue has been identified in the Linux kernel, specifically in the be2net component. The be cmd read port transceiver data function assumes it is given a buffer of a certain length, but this is not always the case. This can lead to a buffer overflow. The issue is resolved by passing the desired offset and length to be cmd read port transceiver data to prevent excessive byte copying.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Memory Corruption

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787CWE-119CWE-120

Related Identifiers

BDU:2026-03698

CVE-2022-49581

OESA-2025-1317

RHSA-2026:1494

RHSA-2026:1495

SUSE-SU-2025:1027-1

SUSE-SU-2025:1176-1

SUSE-SU-2025:1183-1

SUSE-SU-2025:1241-1

SUSE-SU-2025:1293-1

SUSE-SU-2025_1027-1

SUSE-SU-2025_1241-1

SUSE-SU-2025_1293-1

Affected Products

Astra Linux

Linux Kernel

Suse

PT-2025-8514 · Linux+2 · Linux Kernel+2

CVE-2022-49581

Weakness Enumeration

Related Identifiers

Affected Products

References · 1520