CVE-2022-49581
HIGH EPSS 20.1%
Published Feb 26, 2025 (1y ago) · Modified Jun 17, 2026 (2w ago)
7.8 CVSS 3.1
Description
In the Linux kernel, the following vulnerability has been resolved:

be2net: Fix buffer overflow in be_get_module_eeprom

be_cmd_read_port_transceiver_data assumes that it is given a buffer that is at least PAGE_DATA_LEN long, or twice that if the module supports SFF 8472. However, this is not always the case.

Fix this by passing the desired offset and length to be_cmd_read_port_transceiver_data so that we only copy the bytes once.
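A userspace C model of the bug class the description names, added here as an illustration and not taken from the be2net driver or the fixing commits: the pre-fix callee shape copies a whole page into whatever buffer it is handed, while the post-fix shape copies only the caller's offset and length. The value of PAGE_DATA_LEN, the page ids, fw_read_page and all function names are assumptions of this model.

```c
#include <errno.h>
#include <stdint.h>
#include <string.h>

#define PAGE_DATA_LEN 256                /* assumed page size for this model */
enum { PAGE_A0 = 0xa0, PAGE_A2 = 0xa2 }; /* hypothetical page ids */

/* Constructed stand-in for the firmware reply: byte i of a page is page ^ i. */
void fw_read_page(uint8_t page, uint8_t *resp) {
    for (size_t i = 0; i < PAGE_DATA_LEN; i++)
        resp[i] = (uint8_t)(page ^ i);
}

/* Pre-fix shape: always writes a full page, whatever the caller allocated. */
int read_page_unbounded(uint8_t page, uint8_t *data) {
    uint8_t resp[PAGE_DATA_LEN];
    fw_read_page(page, resp);
    memcpy(data, resp, PAGE_DATA_LEN); /* out-of-bounds write if data is shorter */
    return 0;
}

/* Post-fix shape: caller states offset and length; only those bytes are copied. */
int read_page_bounded(uint8_t page, uint32_t off, uint32_t len, uint8_t *data) {
    uint8_t resp[PAGE_DATA_LEN];
    if (off > PAGE_DATA_LEN || len > PAGE_DATA_LEN - off)
        return -EINVAL;
    fw_read_page(page, resp);
    memcpy(data, resp + off, len);
    return 0;
}

/* Caller: serve [off, off+len) of the two-page image into a len-byte buffer. */
int get_module_eeprom(uint32_t off, uint32_t len, uint8_t *data) {
    uint32_t begin = off, end, n;
    if (off > 2 * PAGE_DATA_LEN || len > 2 * PAGE_DATA_LEN - off)
        return -EINVAL;                /* overflow-safe range check */
    end = off + len;
    if (begin < PAGE_DATA_LEN) {       /* part of the request lies in page one */
        n = (end < PAGE_DATA_LEN ? end : PAGE_DATA_LEN) - begin;
        if (read_page_bounded(PAGE_A0, begin, n, data))
            return -EINVAL;
        data += n;
        begin += n;
    }
    if (end > begin)                   /* remainder lies in page two */
        return read_page_bounded(PAGE_A2, begin - PAGE_DATA_LEN, end - begin, data);
    return 0;
}
```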
CVSS Details
Base Score
Exploitability
Impact
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality High
Integrity High
Availability High
Threat Intelligence
EPSS Exploit Probability
20.1% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Weaknesses 1
CWE-787 Out-of-bounds Write Memory Safety
Affected Products 14
| Vendor | Product | Version | Range |
|---|---|---|---|
| linux | linux_kernel | * | ≥3.18 – <4.9.325 |
| linux | linux_kernel | * | ≥4.10 – <4.14.290 |
| linux | linux_kernel | * | ≥4.15 – <4.19.254 |
| linux | linux_kernel | * | ≥4.20 – <5.4.208 |
| linux | linux_kernel | * | ≥5.5 – <5.10.134 |
| linux | linux_kernel | * | ≥5.11 – <5.15.58 |
| linux | linux_kernel | * | ≥5.16 – <5.18.15 |
| linux | linux_kernel | 5.19 | any |
| linux | linux_kernel | 5.19 | any |
| linux | linux_kernel | 5.19 | any |
| linux | linux_kernel | 5.19 | any |
| linux | linux_kernel | 5.19 | any |
| linux | linux_kernel | 5.19 | any |
| linux | linux_kernel | 5.19 | any |
References 8
- git.kernel.org https://git.kernel.org/stable/c/18043da94c023f3ef09c15017bdb04e8f695ef10
- git.kernel.org https://git.kernel.org/stable/c/665cbe91de2f7c97c51ca8fce39aae26477c1948
- git.kernel.org https://git.kernel.org/stable/c/8ff4f9df73e5c551a72ee6034886c17e8de6596d
- git.kernel.org https://git.kernel.org/stable/c/a5a8fc0679a8fd58d47aa2ebcfc5742631f753f9
- git.kernel.org https://git.kernel.org/stable/c/a8569f76df7ec5b4b51155c57523a0b356db5741
- git.kernel.org https://git.kernel.org/stable/c/aba8ff847f4f927ad7a1a1ee4a9f29989a1a728f
- git.kernel.org https://git.kernel.org/stable/c/d7241f679a59cfe27f92cb5c6272cb429fb1f7ec
- git.kernel.org https://git.kernel.org/stable/c/fe4473fc7940f14c4a12db873b9729134c212654
Remediation
- git.kernel.org https://git.kernel.org/stable/c/18043da94c023f3ef09c15017bdb04e8f695ef10
- git.kernel.org https://git.kernel.org/stable/c/665cbe91de2f7c97c51ca8fce39aae26477c1948
- git.kernel.org https://git.kernel.org/stable/c/8ff4f9df73e5c551a72ee6034886c17e8de6596d
- git.kernel.org https://git.kernel.org/stable/c/a5a8fc0679a8fd58d47aa2ebcfc5742631f753f9
- git.kernel.org https://git.kernel.org/stable/c/a8569f76df7ec5b4b51155c57523a0b356db5741
- git.kernel.org https://git.kernel.org/stable/c/aba8ff847f4f927ad7a1a1ee4a9f29989a1a728f
- git.kernel.org https://git.kernel.org/stable/c/d7241f679a59cfe27f92cb5c6272cb429fb1f7ec
- git.kernel.org https://git.kernel.org/stable/c/fe4473fc7940f14c4a12db873b9729134c212654