CVE-2022-49972
BaseFortify
Publication date: 2025-06-18
Last updated on: 2025-11-13
Assigner: kernel.org
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | From 5.15.160 (inc) to 5.16 (inc) |
| linux | linux_kernel | 6.0 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-NVD-CWE-noinfo | |
AI Powered Q&A
How can this vulnerability impact me?
This vulnerability can lead to corrupted network packets when multiple sockets share the same umem in XDP_SHARED_UMEM mode. This could cause network communication failures, data loss, or degraded network performance for applications relying on this functionality.
Can you explain this vulnerability to me?
This vulnerability is in the Linux kernel's XDP_SHARED_UMEM mode, where packets become corrupted for the second and any further sockets bound to the same umem (user memory). The issue arises because the DMA addresses for the pre-populated xsk buffer pool entries were only initialized for the first socket bound to the umem, not for subsequent sockets. This caused packet corruption in those additional sockets. The fix involves properly populating the DMA addresses for every socket bound to the same umem.