CVE-2022-49975
BaseFortify
Publication date: 2025-06-18
Last updated on: 2025-11-13
Assigner: kernel.org
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linux | linux_kernel | From 5.15.160 (inc) to 5.16 (inc) |
| linux | linux_kernel | From 5.15.160 (inc) to 5.16 (inc) |
| linux | linux_kernel | From 5.15.160 (inc) to 5.16 (inc) |
| linux | linux_kernel | From 5.15.160 (inc) to 5.16 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-NVD-CWE-noinfo |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in the Linux kernel involves the bpf subsystem where packets with invalid packet lengths (pkt_len) can be redirected. Specifically, the issue arises because the function fq_codel_drop() attempts to drop a flow without any socket buffers (skbs), meaning the flow's head is null. The root cause is that bpf_prog_test_run_skb() runs a BPF program that redirects empty skbs. The vulnerability is due to not validating the length of packets modified by BPF programs or tests before forwarding them, which can lead to improper handling of invalid packets.
How can this vulnerability impact me? :
This vulnerability can impact you by causing the Linux kernel to process and redirect packets with invalid lengths, potentially leading to unexpected behavior or instability in network packet handling. It may cause flows to be dropped incorrectly or lead to issues in packet processing pipelines that rely on BPF programs, which could affect network performance or reliability.