-
CVE-2022-50655
- EPSS 0.04%
- Veröffentlicht 09.12.2025 00:00:30
- Zuletzt bearbeitet 23.12.2025 14:16:39
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- CVE-Watchlists
- Unerledigt
In the Linux kernel, the following vulnerability has been resolved:
ppp: associate skb with a device at tx
Syzkaller triggered flow dissector warning with the following:
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f00000000c0))
ioctl$PPPIOCSACTIVE(r0, 0x40107446, &(0x7f0000000240)={0x2, &(0x7f0000000180)=[{0x20, 0x0, 0x0, 0xfffff034}, {0x6}]})
pwritev(r0, &(0x7f0000000040)=[{&(0x7f0000000140)='\x00!', 0x2}], 0x1, 0x0, 0x0)
[ 9.485814] WARNING: CPU: 3 PID: 329 at net/core/flow_dissector.c:1016 __skb_flow_dissect+0x1ee0/0x1fa0
[ 9.485929] skb_get_poff+0x53/0xa0
[ 9.485937] bpf_skb_get_pay_offset+0xe/0x20
[ 9.485944] ? ppp_send_frame+0xc2/0x5b0
[ 9.485949] ? _raw_spin_unlock_irqrestore+0x40/0x60
[ 9.485958] ? __ppp_xmit_process+0x7a/0xe0
[ 9.485968] ? ppp_xmit_process+0x5b/0xb0
[ 9.485974] ? ppp_write+0x12a/0x190
[ 9.485981] ? do_iter_write+0x18e/0x2d0
[ 9.485987] ? __import_iovec+0x30/0x130
[ 9.485997] ? do_pwritev+0x1b6/0x240
[ 9.486016] ? trace_hardirqs_on+0x47/0x50
[ 9.486023] ? __x64_sys_pwritev+0x24/0x30
[ 9.486026] ? do_syscall_64+0x3d/0x80
[ 9.486031] ? entry_SYSCALL_64_after_hwframe+0x63/0xcd
Flow dissector tries to find skb net namespace either via device
or via socket. Neigher is set in ppp_send_frame, so let's manually
use ppp->dev.Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
LoginDaten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerLinux
≫
Produkt
Linux
Default Statusunaffected
Version <
7da524781c531ebaf2f94c9dc4c541b82edecfed
Version
d58e468b1112dcd1d5193c0a89ff9f98b5a3e8b9
Status
affected
Version <
148dcbd3af039ae39c3af697a3183008c7995805
Version
d58e468b1112dcd1d5193c0a89ff9f98b5a3e8b9
Status
affected
Version <
4b8f3b939266c90f03b7cc7e26a4c28c7b64137b
Version
d58e468b1112dcd1d5193c0a89ff9f98b5a3e8b9
Status
affected
Version <
18dc946360bfe0de016a59e3cc3ee1f450fceb9d
Version
d58e468b1112dcd1d5193c0a89ff9f98b5a3e8b9
Status
affected
Version <
ee678b1f52f9439e930db2db3fd7e345d03e1a50
Version
d58e468b1112dcd1d5193c0a89ff9f98b5a3e8b9
Status
affected
Version <
9f225444467b98579cf28d94f4ad053460dfdb84
Version
d58e468b1112dcd1d5193c0a89ff9f98b5a3e8b9
Status
affected
HerstellerLinux
≫
Produkt
Linux
Default Statusaffected
Version
4.20
Status
affected
Version <
4.20
Version
0
Status
unaffected
Version <=
5.4.*
Version
5.4.229
Status
unaffected
Version <=
5.10.*
Version
5.10.163
Status
unaffected
Version <=
5.15.*
Version
5.15.86
Status
unaffected
Version <=
6.0.*
Version
6.0.16
Status
unaffected
Version <=
6.1.*
Version
6.1.2
Status
unaffected
Version <=
*
Version
6.2
Status
unaffected
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.04% | 0.098 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|