CVE-2026-23084

A NULL pointer dereference vulnerability was found in the Linux kernel's be2net driver for Emulex BladeEngine network adapters. The becmdgetmacfromlist function is called with pmacidvalid set to false and pmacid set to NULL, violating the function's contract. When the function attempts to store t...

CVE-2025-40264

The CVE-2025-40264 issue affects the Linux kernel be2net code path with OS2BMC. be_insert_vlan_in_pkt() could dereference a NULL wrb_params at the be_send_pkt_to_bmc() call site, due to the wrb_params not being passed from be_xmit(); this could lead to a NULL pointer dereference. The fix involves...

CVE-2022-49581 be2net: Fix buffer overflow in be_get_module_eeprom

In the Linux kernel, the following vulnerability has been resolved: be2net: Fix buffer overflow in begetmoduleeeprom becmdreadporttransceiverdata assumes that it is given a buffer that is at least PAGEDATALEN long, or twice that if the module supports SFF 8472. However, this is not always the cas...

CVE-2022-49581

CVE-2022-49581 : In the Linux kernel, the be2net driver had a buffer overflow in be_get_module_eeprom due to improper handling of buffer length in be_cmd_read_port_transceiver_data. The vulnerable path could copy more data than available when the buffer is smaller than PAGE_DATA_LEN (or twice tha...

CVE-2024-50167

In the Linux kernel, the following vulnerability has been resolved: be2net: fix potential memory leak in bexmit The bexmit returns NETDEVTXOK without freeing skb in case of bexmitenqueue fails, add devkfreeskbany to fix it...