CVE-2022-50365
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-09-17

Last updated on: 2025-12-10

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: skbuff: Account for tail adjustment during pull operations Extending the tail can have some unexpected side effects if a program uses a helper like BPF_FUNC_skb_pull_data to read partial content beyond the head skb headlen when all the skbs in the gso frag_list are linear with no head_frag - kernel BUG at net/core/skbuff.c:4219! pc : skb_segment+0xcf4/0xd2c lr : skb_segment+0x63c/0xd2c Call trace: skb_segment+0xcf4/0xd2c __udp_gso_segment+0xa4/0x544 udp4_ufo_fragment+0x184/0x1c0 inet_gso_segment+0x16c/0x3a4 skb_mac_gso_segment+0xd4/0x1b0 __skb_gso_segment+0xcc/0x12c udp_rcv_segment+0x54/0x16c udp_queue_rcv_skb+0x78/0x144 udp_unicast_rcv_skb+0x8c/0xa4 __udp4_lib_rcv+0x490/0x68c udp_rcv+0x20/0x30 ip_protocol_deliver_rcu+0x1b0/0x33c ip_local_deliver+0xd8/0x1f0 ip_rcv+0x98/0x1a4 deliver_ptype_list_skb+0x98/0x1ec __netif_receive_skb_core+0x978/0xc60 Fix this by marking these skbs as GSO_DODGY so segmentation can handle the tail updates accordingly.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-09-17
Last Modified
2025-12-10
Generated
2026-06-16
AI Q&A
2025-09-17
EPSS Evaluated
2026-06-15
NVD
CVE-2022-50365
Affected Vendors & Products
Showing 10 associated CPEs
Vendor Product Version / Range
linux linux_kernel From 4.9.194 (inc) to 4.9.337 (exc)
linux linux_kernel From 4.14.145 (inc) to 4.14.303 (exc)
linux linux_kernel From 4.19.74 (inc) to 4.19.270 (exc)
linux linux_kernel From 5.2.16 (inc) to 5.3 (exc)
linux linux_kernel From 5.3.1 (inc) to 5.4.229 (exc)
linux linux_kernel From 5.5 (inc) to 5.10.163 (exc)
linux linux_kernel From 5.11 (inc) to 5.15.86 (exc)
linux linux_kernel From 5.16 (inc) to 6.0.16 (exc)
linux linux_kernel From 6.1 (inc) to 6.1.2 (exc)
linux linux_kernel 5.3
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-NVD-CWE-noinfo
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability in the Linux kernel involves improper handling of the tail adjustment during pull operations on skbuffs (socket buffers). Specifically, when a program uses a helper like BPF_FUNC_skb_pull_data to read partial content beyond the head skb headlen, and all skbs in the gso frag_list are linear with no head_frag, extending the tail can cause unexpected side effects leading to a kernel BUG. The issue occurs in skb_segment and related functions during UDP segmentation offload processing. The fix involves marking these skbs as GSO_DODGY so that segmentation can properly handle tail updates.

Impact Analysis

This vulnerability can cause a kernel crash (kernel BUG) when processing certain network packets, potentially leading to denial of service on affected systems. Programs using BPF helpers to read packet data may trigger this bug, causing instability or interruption of network services.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2022-50365. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart