CVE-2022-50655

In the Linux kernel, the following vulnerability has been resolved:

ppp: associate skb with a device at tx

Syzkaller triggered flow dissector warning with the following:

r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f00000000c0))
ioctl$PPPIOCSACTIVE(r0, 0x40107446, &(0x7f0000000240)={0x2, &(0x7f0000000180)=[{0x20, 0x0, 0x0, 0xfffff034}, {0x6}]})
pwritev(r0, &(0x7f0000000040)=[{&(0x7f0000000140)='\x00!', 0x2}], 0x1, 0x0, 0x0)

[    9.485814] WARNING: CPU: 3 PID: 329 at net/core/flow_dissector.c:1016 __skb_flow_dissect+0x1ee0/0x1fa0
[    9.485929]  skb_get_poff+0x53/0xa0
[    9.485937]  bpf_skb_get_pay_offset+0xe/0x20
[    9.485944]  ? ppp_send_frame+0xc2/0x5b0
[    9.485949]  ? _raw_spin_unlock_irqrestore+0x40/0x60
[    9.485958]  ? __ppp_xmit_process+0x7a/0xe0
[    9.485968]  ? ppp_xmit_process+0x5b/0xb0
[    9.485974]  ? ppp_write+0x12a/0x190
[    9.485981]  ? do_iter_write+0x18e/0x2d0
[    9.485987]  ? __import_iovec+0x30/0x130
[    9.485997]  ? do_pwritev+0x1b6/0x240
[    9.486016]  ? trace_hardirqs_on+0x47/0x50
[    9.486023]  ? __x64_sys_pwritev+0x24/0x30
[    9.486026]  ? do_syscall_64+0x3d/0x80
[    9.486031]  ? entry_SYSCALL_64_after_hwframe+0x63/0xcd

Flow dissector tries to find skb net namespace either via device
or via socket. Neither is set in ppp_send_frame, so let's manually
use ppp->dev.
Data provided by the CVE Program from a CVE Numbering Authority (CNA) (unstructured).
Vendor: Linux
Product: Linux
Default status: unaffected
Version ranges (git commits):
Affected: from 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before e387a25552951802102e279931d6f7dd2ecc34c1
Affected: from 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before 30f186978e87bef2f22ed349010d3e23271e8d44
Affected: from 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before c2a698ff156974908308f42cf5991ab5c0c4b8cd
Affected: from 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before 7da524781c531ebaf2f94c9dc4c541b82edecfed
Affected: from 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before 148dcbd3af039ae39c3af697a3183008c7995805
Affected: from 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before 4b8f3b939266c90f03b7cc7e26a4c28c7b64137b
Affected: from 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before 18dc946360bfe0de016a59e3cc3ee1f450fceb9d
Affected: from 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before ee678b1f52f9439e930db2db3fd7e345d03e1a50
Affected: from 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 before 9f225444467b98579cf28d94f4ad053460dfdb84
Vendor: Linux
Product: Linux
Default status: affected
Version ranges (kernel releases):
Unaffected: from 4.9.337 through 4.9.*
Unaffected: from 4.14.303 through 4.14.*
Unaffected: from 4.19.270 through 4.19.*
Unaffected: from 5.4.229 through 5.4.*
Unaffected: from 5.10.163 through 5.10.*
Unaffected: from 5.15.86 through 5.15.*
Unaffected: from 6.0.16 through 6.0.*
Unaffected: from 6.1.2 through 6.1.*
Unaffected: from 6.2 through *
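The release ranges above can be evaluated mechanically against a host's kernel version. The following is an added example, not part of the CVE record or of the kernel project; the function names `parse_release` and `upstream_status` are hypothetical, and the version numbers are the ones listed in the table.

```python
import platform
import re

# Fixed stable releases per branch, copied from the version table above:
# within a listed branch, that release and later ones are unaffected.
FIXED_IN_BRANCH = {
    (4, 9): 337, (4, 14): 303, (4, 19): 270, (5, 4): 229,
    (5, 10): 163, (5, 15): 86, (6, 0): 16, (6, 1): 2,
}
FIRST_FIXED_MAINLINE = (6, 2)  # final row: 6.2 and everything after it


def parse_release(release):
    """Return (major, minor, patch) from a `uname -r` style string."""
    m = re.match(r"(\d+)\.(\d+)(?:\.(\d+))?", release.strip())
    if not m:
        raise ValueError(f"unrecognised kernel release: {release!r}")
    return int(m.group(1)), int(m.group(2)), int(m.group(3) or 0)


def upstream_status(release):
    """Return 'affected', 'unaffected' or 'unknown' for an upstream version."""
    major, minor, patch = parse_release(release)
    branch = (major, minor)
    if branch == FIRST_FIXED_MAINLINE and re.search(r"-rc\d+", release):
        # The table names 6.2 only; it does not say which -rc has the fix.
        return "unknown"
    if branch >= FIRST_FIXED_MAINLINE:
        return "unaffected"
    fixed_patch = FIXED_IN_BRANCH.get(branch)
    if fixed_patch is not None and patch >= fixed_patch:
        return "unaffected"
    # Default status is "affected": older releases of a listed branch and
    # branches without a row (for example 5.16 to 5.19) both end up here.
    return "affected"


if __name__ == "__main__":
    running = platform.release()
    print(running, "->", upstream_status(running))
```

The result describes upstream version numbers only. Distribution kernels often backport fixes without changing the upstream number, so an "affected" result there should be confirmed against the vendor's advisory.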
No CISA KEV entry or CERT.AT warning was found for this CVE.
EPSS metrics
Type Source Score Percentile
EPSS FIRST.org 0.03% 0.091
CVSS metrics
Source Base Score Exploit Score Impact Score Vector String